Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveFreebsdCVE-2021-29626
HistoryApr 07, 2021 - 3:15 p.m.

CVE-2021-29626

2021-04-0715:15:13
CWE-416
freebsd
web.nvd.nist.gov
39
2
cve-2021-29626
freebsd
copy-on-write logic
vulnerability
security
data leakage
nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

JSON

In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple processes allowing an unprivileged process to maintain a mapping after it is freed, allowing the process to read private data belonging to other processes or the kernel.

Affected configurations

Nvd
Node
freebsdfreebsdRange<11.4
OR
freebsdfreebsdRange12.012.2
OR
freebsdfreebsdMatch11.4-
OR
freebsdfreebsdMatch11.4beta1
OR
freebsdfreebsdMatch11.4p1
OR
freebsdfreebsdMatch11.4p2
OR
freebsdfreebsdMatch11.4p3
OR
freebsdfreebsdMatch11.4p4
OR
freebsdfreebsdMatch11.4p5
OR
freebsdfreebsdMatch11.4rc1
OR
freebsdfreebsdMatch11.4rc2
OR
freebsdfreebsdMatch12.2-
OR
freebsdfreebsdMatch12.2p1
OR
freebsdfreebsdMatch12.2p2
OR
freebsdfreebsdMatch13.0beta1
OR
freebsdfreebsdMatch13.0beta2
OR
freebsdfreebsdMatch13.0beta3
OR
freebsdfreebsdMatch13.0beta4
OR
freebsdfreebsdMatch13.0rc1
OR
freebsdfreebsdMatch13.0rc2
OR
freebsdfreebsdMatch13.0rc3
OR
freebsdfreebsdMatch13.0rc4
OR
freebsdfreebsdMatch13.0rc5
VendorProductVersionCPE
freebsdfreebsd*cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:beta1:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:p4:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:p5:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:rc1:*:*:*:*:*:*
freebsdfreebsd11.4cpe:2.3:o:freebsd:freebsd:11.4:rc2:*:*:*:*:*:*
Rows per page:
1-10 of 221

CNA Affected

[
  {
    "product": "FreeBSD",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "FreeBSD 12.2-RELEASE before p6, 11.4-RELEASE before p9"
      }
    ]
  }
]

Social References

More

Related

prion 1
nvd 1
freebsd 1
cvelist 1
freebsd_advisory 1
debiancve 1
nessus 1
prion
prion
Code injection
2021-04-07 15:15:00
nvd
nvd
CVE-2021-29626
2021-04-07 15:15:13
freebsd
freebsd
FreeBSD -- Memory disclosure by stale virtual memory mapping
2021-04-06 00:00:00
cvelist
cvelist
CVE-2021-29626
2021-04-07 14:48:32
freebsd_advisory
freebsd_advisory
FreeBSD-SA-21:08.vm
2021-04-06 00:00:00
debiancve
debiancve
CVE-2021-29626
2021-04-07 15:15:13
nessus
nessus
FreeBSD : FreeBSD -- Memory disclosure by stale virtual memory mapping (13d37672-9791-11eb-b87a-901b0ef719ab)
2021-04-14 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2021-29626
prion1nvd1freebsd1cvelist1freebsd_advisory1debiancve1nessus1