Vulnerabilities > Freebsd

DATE CVE VULNERABILITY TITLE RISK
2020-08-06 CVE-2020-7460 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Freebsd 11.3/11.4/12.1
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation.
4.4
2020-08-06 CVE-2020-7459 Improper Input Validation vulnerability in Freebsd 11.3/11.4/12.1
In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB network drivers allows a malicious USB device to write beyond the end of an allocated network packet buffer.
local
low complexity
freebsd CWE-20
4.6
2020-07-09 CVE-2020-7458 Out-of-bounds Write vulnerability in Freebsd 11.4/12.1
In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution.
network
low complexity
freebsd CWE-787
7.5
2020-07-09 CVE-2020-7457 Improper Synchronization vulnerability in Freebsd 11.3/11.4/12.1
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory after being freed, possibly resulting in code execution.
network
freebsd CWE-662
6.8
2020-06-09 CVE-2020-7456 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing an attacker with physical access to a USB port to be able to use a specially crafted USB device to gain kernel or user-space code execution.
local
low complexity
freebsd netapp CWE-119
7.2
2020-05-24 CVE-2020-13434 Integer Overflow or Wraparound vulnerability in multiple products
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
5.5
2020-05-13 CVE-2020-7455 Missing Release of Resource after Effective Lifetime vulnerability in Freebsd 11.3/11.4/12.1
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd).
local
low complexity
freebsd CWE-772
2.1
2020-05-13 CVE-2020-7454 Out-of-bounds Write vulnerability in Freebsd 11.3/11.4/12.1
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module.
network
low complexity
freebsd CWE-787
7.5
2020-05-13 CVE-2019-15880 Improper Input Validation vulnerability in Freebsd 12.1
In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic.
network
low complexity
freebsd CWE-20
7.5
2020-05-13 CVE-2019-15879 Race Condition vulnerability in Freebsd 11.3/12.1
In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory.
network
freebsd CWE-362
5.8