FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
9eb01384-d793-11ea-88f8-901b0ef719abFreeBSD -- Potential memory corruption in USB network device drivers

Problem Description:

A missing length validation code common to these three drivers means that a malicious USB device could write beyond the end of an allocated network packet buffer.

Impact:

An attacker with physical access to a USB port and the ability to bring a network interface up may be able to use a specially crafted USB device to gain kernel or user-space code execution.


Discovery 2020-08-05
Entry 2020-08-06
FreeBSD-kernel
ge 12.1 lt 12.1_8

ge 11.4 lt 11.4_2

ge 11.3 lt 11.3_12

CVE-2020-7459
SA-20:21.usb_net