The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of FreeBSD

FreeBSD: read-write access via jail_attach
An attacker, inside a guest system, can bypass access restrictions via jail_attach() of FreeBSD, in order to read or alter data on the host system...
CVE-2020-25582, FreeBSD-SA-21:05.jail_chdir, VIGILANCE-VUL-34662
Xen, Linux: denial of service via Linux Mapping Error
An attacker, inside a guest system, can trigger a fatal error via Linux Mapping Error of Xen, in order to trigger a denial of service on the host system...
CERTFR-2021-AVI-152, CERTFR-2021-AVI-185, CERTFR-2021-AVI-191, CERTFR-2021-AVI-264, CERTFR-2021-AVI-278, CTX296603, CVE-2021-26932, DLA-2586-1, DLA-2610-1, FEDORA-2021-7143aca8cb, FEDORA-2021-8d45d297c6, FreeBSD-SA-21:06.xen, openSUSE-SU-2021:0393-1, SUSE-SU-2021:0735-1, SUSE-SU-2021:0736-1, SUSE-SU-2021:0737-1, SUSE-SU-2021:0738-1, SUSE-SU-2021:0740-1, SUSE-SU-2021:0741-1, SUSE-SU-2021:0743-1, SUSE-SU-2021:0744-1, SUSE-SU-2021:1175-1, SUSE-SU-2021:1176-1, SUSE-SU-2021:1210-1, VIGILANCE-VUL-34589, XSA-361
FreeBSD: information disclosure via VOP_READDIR
A local attacker can read a memory fragment via VOP_READDIR of FreeBSD, in order to obtain sensitive information...
CVE-2020-25578, CVE-2020-25579, FreeBSD-SA-21:01.fsdisclosure, VIGILANCE-VUL-34432
Xen: denial of service via Watched Path Update
An attacker, inside a guest system, can trigger a fatal error via Watched Path Update of Xen, in order to trigger a denial of service on the host system...
CERTFR-2020-AVI-824, CERTFR-2020-AVI-825, CERTFR-2021-AVI-077, CERTFR-2021-AVI-111, CERTFR-2021-AVI-120, CERTFR-2021-AVI-138, CERTFR-2021-AVI-149, CERTFR-2021-AVI-191, CTX286756, CVE-2020-29568, DLA-2557-1, DLA-2586-1, DSA-4843-1, FreeBSD-SA-21:02.xenoom, openSUSE-SU-2021:0075-1, openSUSE-SU-2021:0241-1, SUSE-SU-2021:0347-1, SUSE-SU-2021:0348-1, SUSE-SU-2021:0353-1, SUSE-SU-2021:0354-1, SUSE-SU-2021:0427-1, SUSE-SU-2021:0433-1, SUSE-SU-2021:0434-1, SUSE-SU-2021:0437-1, SUSE-SU-2021:0438-1, SUSE-SU-2021:0452-1, SUSE-SU-2021:0532-1, USN-4748-1, USN-4749-1, USN-4750-1, USN-4751-1, VIGILANCE-VUL-34116, XSA-349
FreeBSD 12.2: privilege escalation via ipfw Uninitialized Variable
An attacker can bypass restrictions via ipfw Uninitialized Variable of FreeBSD 12.2, in order to escalate his privileges...
FreeBSD-EN-20:21.ipfw, VIGILANCE-VUL-34021
FreeBSD: privilege escalation via Bhyve SVM Guest Escape
An attacker can bypass restrictions via Bhyve SVM Guest Escape of FreeBSD, in order to escalate his privileges...
CVE-2020-7467, FreeBSD-SA-20:29.bhyve_svm, VIGILANCE-VUL-33327
FreeBSD: privilege escalation via Bhyve VMCS Access
An attacker can bypass restrictions via Bhyve VMCS Access of FreeBSD, in order to escalate his privileges...
CVE-2020-24718, FreeBSD-SA-20:28.bhyve_vmcs, VIGILANCE-VUL-33326
FreeBSD: information disclosure via ure packet-in-packet
An attacker can bypass access restrictions to data via ure packet-in-packet of FreeBSD, in order to obtain sensitive information...
CVE-2020-7464, FreeBSD-SA-20:27.ure, VIGILANCE-VUL-33325
FreeBSD: buffer overflow via Dhclient Option 119
An attacker can trigger a buffer overflow via Dhclient Option 119 of FreeBSD, in order to trigger a denial of service, and possibly to run code...
CVE-2020-7461, FreeBSD-SA-20:26.dhclient, VIGILANCE-VUL-33238
FreeBSD: use after free via Loopback IPv6 Hop-by-Hop Options
An attacker can force the usage of a freed memory area via Loopback IPv6 Hop-by-Hop Options of FreeBSD, in order to trigger a denial of service, and possibly to run code...
CVE-2020-7462, FreeBSD-SA-20:24.ipv6, VIGILANCE-VUL-33237
Our database contains other pages. You can request a free trial to read them.

Display information about FreeBSD: