This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
deb6e164-b30b-11e9-a87f-a4badb2f4699 | FreeBSD -- Reference count overflow in mqueue filesystemProblem Description:System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file. Impact:A local user can use this flaw to obtain access to files, directories, sockets etc. opened by processes owned by other users. If obtained struct file represents a directory from outside of user's jail, it can be used to access files outside of the jail. If the user in question is a jailed root they can obtain root privileges on the host system. Discovery 2019-07-24 Entry 2019-07-30 FreeBSD-kernel ge 12.0 lt 12.0_8 ge 11.2 lt 11.2_12 ge 11.3 lt 11.3_1 CVE-2019-5603 SA-19:15.mqueuefs |