Vulnerabilities > Freebsd > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2020-7467 | Improper Privilege Management vulnerability in Freebsd In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped. | 7.2 |
| 2021-03-26 | CVE-2020-7461 | Out-of-bounds Write vulnerability in multiple products In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input related to handling of DHCP option 119 resulting a heap overflow. | 7.5 |
| 2021-03-26 | CVE-2020-25582 | Race Condition vulnerability in Freebsd 11.4/12.2 In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working directory is changed. | 8.5 |
| 2021-03-26 | CVE-2020-25581 | Race Condition vulnerability in Freebsd 11.4/12.2 In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jail_remove(2) implementation, it may fail to kill some of the processes. | 8.5 |
| 2021-03-25 | CVE-2021-3450 | Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. | 7.4 |
| 2020-09-25 | CVE-2020-24718 | Missing Authorization vulnerability in multiple products bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP. | 7.2 |
| 2020-07-09 | CVE-2020-7458 | Out-of-bounds Write vulnerability in Freebsd 11.4/12.1 In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution. | 7.5 |
| 2020-06-09 | CVE-2020-7456 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing an attacker with physical access to a USB port to be able to use a specially crafted USB device to gain kernel or user-space code execution. | 7.2 |
| 2020-05-13 | CVE-2020-7454 | Out-of-bounds Write vulnerability in Freebsd 11.3/11.4/12.1 In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module. | 7.5 |
| 2020-05-13 | CVE-2019-15880 | Improper Input Validation vulnerability in Freebsd 12.1 In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic. | 7.5 |