FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  507000
Date:      2019-07-20
Time:      16:13:25Z
Committer: mandree

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
47873d72-14eb-11e7-970f-002590263bf5xen-tools -- xenstore denial of service via repeated update

The Xen Project reports:

Unprivileged guests may be able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service (DoS) of the entire host.


Discovery 2017-03-28
Entry 2017-03-30
xen-tools
lt 4.7.2_1

http://xenbits.xen.org/xsa/advisory-206.html
a73aba9a-effe-11e6-ae1b-002590263bf5xen-tools -- oob access in cirrus bitblt copy

The Xen Project reports:

When doing bitblt copy backwards, qemu should negate the blit width. This avoids an oob access before the start of video memory.

A malicious guest administrator can cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation.


Discovery 2017-02-10
Entry 2017-02-11
xen-tools
lt 4.7.1_2

CVE-2017-2615
http://xenbits.xen.org/xsa/advisory-208.html
59f79c99-ba4d-11e6-ae1b-002590263bf5xen-tools -- delimiter injection vulnerabilities in pygrub

The Xen Project reports:

pygrub, the boot loader emulator, fails to quote (or sanity check) its results when reporting them to its caller.

A malicious guest administrator can obtain the contents of sensitive host files (an information leak). Additionally, a malicious guest administrator can cause files on the host to be removed, causing a denial of service. In some unusual host configurations, ability to remove certain files may be usable for privilege escalation.


Discovery 2016-11-22
Entry 2016-12-04
xen-tools
lt 4.7.1

CVE-2016-9379
CVE-2016-9380
ports/214936
https://xenbits.xen.org/xsa/advisory-198.html
58685e23-ba4d-11e6-ae1b-002590263bf5xen-tools -- qemu incautious about shared ring processing

The Xen Project reports:

The compiler can emit optimizations in qemu which can lead to double fetch vulnerabilities. Specifically data on the rings shared between qemu and the hypervisor (which the guest under control can obtain mappings of) can be fetched twice (during which time the guest can alter the contents) possibly leading to arbitrary code execution in qemu.

Malicious administrators can exploit this vulnerability to take over the qemu process, elevating its privilege to that of the qemu process.

In a system not using a device model stub domain (or other techniques for deprivileging qemu), malicious guest administrators can thus elevate their privilege to that of the host.


Discovery 2016-11-22
Entry 2016-12-04
xen-tools
lt 4.7.1

CVE-2016-9381
ports/214936
https://xenbits.xen.org/xsa/advisory-197.html
af19ecd0-0f6a-11e7-970f-002590263bf5xen-tools -- Cirrus VGA Heap overflow via display refresh

The Xen Project reports:

A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process.


Discovery 2017-03-14
Entry 2017-03-23
xen-tools
lt 4.7.2

CVE-2016-9603
http://xenbits.xen.org/xsa/advisory-211.html
8cbd9c08-f8b9-11e6-ae1b-002590263bf5xen-tools -- cirrus_bitblt_cputovideo does not check if memory region is safe

The Xen Project reports:

In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo fails to check whether the specified memory region is safe. A malicious guest administrator can cause an out of bounds memory write, very likely exploitable as a privilege escalation.


Discovery 2017-02-21
Entry 2017-02-22
xen-tools
lt 4.7.1_4

CVE-2017-2620
http://xenbits.xen.org/xsa/advisory-209.html