FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
14a3b376-b30a-11e9-a87f-a4badb2f4699	FreeBSD -- Privilege escalation in cd(4) driver Problem Description: To implement one particular ioctl, the Linux emulation code used a special interface present in the cd(4) driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd(4) device to arbitrarily overwrite kernel memory when some media is present in the device. Impact: A user in the operator group can make use of this interface to gain root privileges on a system with a cd(4) device when some media is present in the device. Discovery 2019-07-02 Entry 2019-07-30 FreeBSD-kernel ge 12.0 lt 12.0_7 ge 11.2 lt 11.2_11 CVE-2019-5602 SA-19:11.cd_ioctl

VuXML ID

Description

14a3b376-b30a-11e9-a87f-a4badb2f4699

FreeBSD -- Privilege escalation in cd(4) driver

Problem Description:

To implement one particular ioctl, the Linux emulation code used a special interface present in the cd(4) driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read access to a cd(4) device to arbitrarily overwrite kernel memory when some media is present in the device.

Impact:

A user in the operator group can make use of this interface to gain root privileges on a system with a cd(4) device when some media is present in the device.

Discovery 2019-07-02
Entry 2019-07-30
FreeBSD-kernel

ge 12.0 lt 12.0_7

ge 11.2 lt 11.2_11

CVE-2019-5602
SA-19:11.cd_ioctl