FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
7b6a11b5-600a-11e6-a6c3-14dae9d210b8	FreeBSD -- Incorrect argument validation in sysarch(2) Problem Description: A special combination of sysarch(2) arguments, specify a request to uninstall a set of descriptors from the LDT. The start descriptor is cleared and the number of descriptors are provided. Due to lack of sufficient bounds checking during argument validity verification, unbound zero'ing of the process LDT and adjacent memory can be initiated from usermode. Impact: This vulnerability could cause the kernel to panic. In addition it is possible to perform a local Denial of Service against the system by unprivileged processes. Discovery 2016-03-16 Entry 2016-08-11 Modified 2016-10-25 FreeBSD-kernel ge 11.0 lt 11.0_2 ge 10.3 lt 10.3_11 ge 10.2 lt 10.2_24 ge 10.1 lt 10.1_41 ge 9.3 lt 9.3_49 CVE-2016-1885 SA-16:15.sysarch

VuXML ID

Description

7b6a11b5-600a-11e6-a6c3-14dae9d210b8

FreeBSD -- Incorrect argument validation in sysarch(2)

Problem Description:

A special combination of sysarch(2) arguments, specify a request to uninstall a set of descriptors from the LDT. The start descriptor is cleared and the number of descriptors are provided. Due to lack of sufficient bounds checking during argument validity verification, unbound zero'ing of the process LDT and adjacent memory can be initiated from usermode.

Impact:

This vulnerability could cause the kernel to panic. In addition it is possible to perform a local Denial of Service against the system by unprivileged processes.

Discovery 2016-03-16
Entry 2016-08-11
Modified 2016-10-25
FreeBSD-kernel

ge 11.0 lt 11.0_2

ge 10.3 lt 10.3_11

ge 10.2 lt 10.2_24

ge 10.1 lt 10.1_41

ge 9.3 lt 9.3_49

CVE-2016-1885
SA-16:15.sysarch