This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
499b22a3-f680-11e9-a87f-a4badb2f4699 | FreeBSD -- Insufficient validation of guest-supplied data (e1000 device)Problem Description:The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When TCP segmentation offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to determine the size of the on-stack buffer without validation. The subsequent header generation could overflow an incorrectly sized buffer or indirect a pointer composed of stack garbage. Impact:A misbehaving bhyve guest could overwrite memory in the bhyve process on the host. Discovery 2019-08-06 Entry 2019-10-24 FreeBSD-kernel ge 12.0 lt 12.0_9 ge 11.3 lt 11.3_2 ge 11.2 lt 11.2_13 CVE-2019-5609 SA-19:21.bhyve |