This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
a9c6e9be-61fb-11eb-b87a-901b0ef719ab | FreeBSD -- Uninitialized kernel stack leaks in several file systemsProblem Description:Several file systems were not properly initializing the d_off field of the dirent structures returned by VOP_READDIR. In particular, tmpfs(5), smbfs(5), autofs(5) and mqueuefs(5) were failing to do so. As a result, eight uninitialized kernel stack bytes may be leaked to userspace by these file systems. This problem is not present in FreeBSD 11. Additionally, msdosfs(5) was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes. Impact:Kernel stack disclosures may leak sensitive information which could be used to compromise the security of the system. Discovery 2021-01-29 Entry 2021-01-29 FreeBSD-kernel ge 12.2 lt 12.2_3 ge 12.1 lt 12.1_13 ge 11.4 lt 11.4_7 CVE-2020-25578 CVE-2020-25579 SA-21:01.fsdisclosure |