FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3c10ccdf-6a09-11ea-92ab-00163e433440	FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking Problem Description: The driver-specific ioctl(2) command handlers in oce(4) failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The oce(4) handler permits unprivileged users to send passthrough commands to device firmware. Discovery 2020-03-19 Entry 2020-03-19 FreeBSD-kernel ge 12.1 lt 12.1_3 ge 11.3 lt 11.3_7 CVE-2019-15876 SA-20:05.if_oce_ioctl

VuXML ID

Description

3c10ccdf-6a09-11ea-92ab-00163e433440

FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking

Problem Description:

The driver-specific ioctl(2) command handlers in oce(4) failed to check whether the caller has sufficient privileges to perform the corresponding operation.

Impact:

The oce(4) handler permits unprivileged users to send passthrough commands to device firmware.

Discovery 2020-03-19
Entry 2020-03-19
FreeBSD-kernel

ge 12.1 lt 12.1_3

ge 11.3 lt 11.3_7

CVE-2019-15876
SA-20:05.if_oce_ioctl