This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
30ce591c-947b-11ea-92ab-00163e433440 | FreeBSD -- Insufficient packet length validation in libaliasProblem Description:libalias(3) packet handlers do not properly validate the packet length before accessing the protocol headers. As a result, if a libalias(3) module does not properly validate the packet length before accessing the protocol header, it is possible for an out of bound read or write condition to occur. Impact:A malicious attacker could send specially constructed packets that exploit the lack of validation allowing the attacker to read or write memory either from the kernel (for the in-kernel NAT implementation) or from the process space for natd (for the userspace implementation). Discovery 2020-05-12 Entry 2020-05-12 FreeBSD-kernel ge 12.1 lt 12.1_5 ge 11.4 lt 11.4_1 ge 11.3 lt 11.3_9 CVE-2020-7454 SA-20:12.libalias |