Vulnerabilities > Freebsd

DATE CVE VULNERABILITY TITLE RISK
2016-05-25 CVE-2016-1887 Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/10.3
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow.
local
low complexity
freebsd CWE-264
7.2
2016-05-25 CVE-2016-1886 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
local
low complexity
freebsd CWE-119
7.2
2016-04-12 CVE-2016-1885 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd 10.1/10.2/9.3
Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow.
local
low complexity
freebsd CWE-119
4.9
2016-01-29 CVE-2016-1882 Data Processing Errors vulnerability in Freebsd 10.1/10.2/9.3
FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options.
network
low complexity
freebsd CWE-19
7.8
2016-01-29 CVE-2016-1879 Denial of Service vulnerability in Freebsd 10.1/10.2/9.3
The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet.
network
low complexity
freebsd
7.8
2015-09-18 CVE-2014-8611 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.
6.9
2015-07-18 CVE-2015-3625 Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver
The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference.
local
low complexity
nvidia freebsd CWE-264
7.2
2015-04-10 CVE-2015-1415 Information Exposure vulnerability in Freebsd
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.
local
low complexity
freebsd CWE-200
2.1
2015-02-27 CVE-2015-1414 Remote Denial of Service vulnerability in FreeBSD
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10.
network
low complexity
netgate debian freebsd
7.8
2015-02-02 CVE-2014-8613 Remote Denial of Service vulnerability in Freebsd 10.1/8.4/9.3
The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk.
network
low complexity
freebsd
7.8