This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
14a3b376-b30a-11e9-a87f-a4badb2f4699 | FreeBSD -- Privilege escalation in cd(4) driverProblem Description:To implement one particular ioctl, the Linux emulation code used a special interface present in the cd(4) driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd(4) device to arbitrarily overwrite kernel memory when some media is present in the device. Impact:A user in the operator group can make use of this interface to gain root privileges on a system with a cd(4) device when some media is present in the device. Discovery 2019-07-02 Entry 2019-07-30 FreeBSD-kernel ge 12.0 lt 12.0_7 ge 11.2 lt 11.2_11 CVE-2019-5602 SA-19:11.cd_ioctl |