Vulnerabilities > Freebsd
|2021-03-26||CVE-2020-25582|| Race Condition vulnerability in Freebsd 11.4/12.2 |
In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working directory is changed.
| 8.5 |
|2021-03-26||CVE-2020-25581|| Race Condition vulnerability in Freebsd 11.4/12.2 |
In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jail_remove(2) implementation, it may fail to kill some of the processes.
| 8.5 |
|2021-03-26||CVE-2020-25580|| Incorrect Comparison vulnerability in Freebsd 11.4/12.2 |
In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 a regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not.
| 5.0 |
|2021-03-26||CVE-2020-25579|| Missing Initialization of Resource vulnerability in Freebsd 11.4/12.1/12.2 |
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes.
| 5.0 |
|2021-03-26||CVE-2020-25578|| Information Exposure vulnerability in Freebsd 11.4/12.1/12.2 |
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the d_off field of the dirent structures returned by VOP_READDIR.
| 5.0 |
|2021-03-25||CVE-2021-3450|| Improper Certificate Validation vulnerability in multiple products |
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain.
| 7.4 |
|2021-03-25||CVE-2021-3449|| NULL Pointer Dereference vulnerability in multiple products |
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
| 4.3 |
|2020-09-25||CVE-2020-24718|| Missing Authorization vulnerability in multiple products |
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.
low complexityfreebsd omniosce openindiana netapp CWE-862
| 7.2 |
|2020-09-03||CVE-2020-24863|| Out-of-bounds Write vulnerability in multiple products |
A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode.
low complexitymidnightbsd freebsd CWE-787
| 4.9 |
|2020-09-03||CVE-2020-24385|| NULL Pointer Dereference vulnerability in multiple products |
In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel.
low complexitymidnightbsd freebsd CWE-476
| 4.9 |