Vulnerabilities > Freebsd > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-05-13 CVE-2020-7455 Missing Release of Resource after Effective Lifetime vulnerability in Freebsd 11.3/11.4/12.1
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd).
local
low complexity
freebsd CWE-772
5.5
2020-04-29 CVE-2020-7453 Improper Check for Unusual or Exceptional Conditions vulnerability in Freebsd 11.3/12.1
In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jail_set configuration option "osrelease" may return more bytes with a subsequent jail_get system call allowing a malicious jail superuser with permission to create nested jails to read kernel memory.
local
low complexity
freebsd CWE-754
6.0
2020-04-28 CVE-2020-7451 Use of Uninitialized Resource vulnerability in Freebsd 11.3/12.1
In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosing one byte of kernel memory over the network.
network
low complexity
freebsd CWE-908
5.3
2020-04-28 CVE-2019-15877 Missing Authorization vulnerability in Freebsd 12.1
In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory.
local
low complexity
freebsd CWE-862
5.5
2020-04-28 CVE-2019-15876 Missing Authorization vulnerability in Freebsd 11.3/12.1
In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r356090, and 11.3-RELEASE before 11.3-RELEASE-p7, driver specific ioctl command handlers in the oce network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to send passthrough commands to the device firmware.
local
low complexity
freebsd CWE-862
5.5
2020-02-20 CVE-2015-2923 Improper Input Validation vulnerability in Freebsd
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.
low complexity
freebsd CWE-20
6.5
2019-07-26 CVE-2019-5605 Improper Initialization vulnerability in Freebsd 11.0/11.2/11.3
In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, due to insufficient initialization of memory copied to userland in the freebsd32_ioctl interface, small amounts of kernel memory may be disclosed to userland processes.
network
low complexity
freebsd CWE-665
6.5
2019-07-03 CVE-2019-5601 Information Exposure vulnerability in Freebsd 11.2/12.0
In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding.
network
low complexity
freebsd CWE-200
6.5
2019-04-17 CVE-2019-9494 Information Exposure Through Discrepancy vulnerability in multiple products
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns.
5.9
2019-02-12 CVE-2019-5595 Incomplete Cleanup vulnerability in Freebsd 11.2/12.0
In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed.
local
low complexity
freebsd CWE-459
5.5