This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
53b3474c-f680-11e9-a87f-a4badb2f4699 | FreeBSD -- Reference count overflow in mqueue filesystem 32-bit compatProblem Description:System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file. Impact:A local user can use this flaw to obtain access to files, directories, sockets, etc., opened by processes owned by other users. If obtained struct file represents a directory from outside of user's jail, it can be used to access files outside of the jail. If the user in question is a jailed root they can obtain root privileges on the host system. Discovery 2019-08-20 Entry 2019-10-24 FreeBSD-kernel ge 12.0 lt 12.0_10 ge 11.3 lt 11.3_3 ge 11.2 lt 11.2_14 CVE-2019-5603 SA-19:24.mqueuefs |