Lucene search

FreeBSD9F15C2DA-947E-11EA-92AB-00163E433440

HistoryJan 20, 2020 - 12:00 a.m.

FreeBSD -- Use after free in cryptodev module

2020-01-2000:00:00

vuxml.freebsd.org

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

0.001 Low

EPSS

Percentile

45.6%

JSON

Problem Description:
A race condition permitted a data structure in the kernel to be used
after it was freed by the cryptodev module.
Impact:
An unprivileged process can overwrite arbitrary kernel memory.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfreebsd-kernel= 12.1UNKNOWN
FreeBSDanynoarchfreebsd-kernel< 12.1_5UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	freebsd-kernel	= 12.1	UNKNOWN
FreeBSD	any	noarch	freebsd-kernel	< 12.1_5	UNKNOWN

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

0.001 Low

EPSS

Percentile

45.6%

JSON

Related for 9F15C2DA-947E-11EA-92AB-00163E433440