The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of FreeBSD

computer vulnerability bulletin 28448

FreeBSD: denial of service via LLE Table Lookup

Synthesis of the vulnerability

An attacker can trigger a fatal error via LLE Table Lookup of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 06/02/2019.
Identifiers: FreeBSD-EN-19:07.lle, VIGILANCE-VUL-28448.

Description of the vulnerability

An attacker can trigger a fatal error via LLE Table Lookup of FreeBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-5596

FreeBSD: use after free via File Descriptor Reference Count Leak

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via File Descriptor Reference Count Leak of FreeBSD, in order to trigger a denial of service, and possibly to run code.
Impacted products: FreeBSD.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: user shell.
Creation date: 06/02/2019.
Identifiers: CVE-2019-5596, FreeBSD-SA-19:02.fd, VIGILANCE-VUL-28447.

Description of the vulnerability

An attacker can force the usage of a freed memory area via File Descriptor Reference Count Leak of FreeBSD, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-5595

FreeBSD: information disclosure via SYSCALL Kernel Data Register

Synthesis of the vulnerability

A local attacker can read a memory fragment via SYSCALL Kernel Data Register of FreeBSD, in order to obtain sensitive information.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 06/02/2019.
Identifiers: CVE-2019-5595, FreeBSD-SA-19:01.syscall, VIGILANCE-VUL-28446.

Description of the vulnerability

A local attacker can read a memory fragment via SYSCALL Kernel Data Register of FreeBSD, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability note 28214

FreeBSD: denial of service via kqueue

Synthesis of the vulnerability

An attacker can trigger a fatal error via kqueue of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 10/01/2019.
Identifiers: FreeBSD-EN-19:05.kqueue, VIGILANCE-VUL-28214.

Description of the vulnerability

An attacker can trigger a fatal error via kqueue of FreeBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 28067

FreeBSD: denial of service via ZFS Vnode Deadlock

Synthesis of the vulnerability

An attacker can generate a fatal error via ZFS Vnode Deadlock of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 20/12/2018.
Identifiers: FreeBSD-EN-18:18.zfs, VIGILANCE-VUL-28067.

Description of the vulnerability

An attacker can generate a fatal error via ZFS Vnode Deadlock of FreeBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 28066

FreeBSD: denial of service via Intel Skylake

Synthesis of the vulnerability

An attacker can generate a fatal error via Intel Skylake of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 20/12/2018.
Identifiers: FreeBSD-EN-18:17.vm, VIGILANCE-VUL-28066.

Description of the vulnerability

An attacker can generate a fatal error via Intel Skylake of FreeBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability 28065

FreeBSD: denial of service via ptrace Stopped Process

Synthesis of the vulnerability

An attacker can generate a fatal error via ptrace Stopped Process of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 20/12/2018.
Identifiers: FreeBSD-EN-18:16.ptrace, VIGILANCE-VUL-28065.

Description of the vulnerability

An attacker can generate a fatal error via ptrace Stopped Process of FreeBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-17160

FreeBSD: buffer overflow via bhyve

Synthesis of the vulnerability

An attacker, inside a guest system, can generate a buffer overflow via bhyve of FreeBSD, in order to trigger a denial of service, and possibly to run code on the host system.
Impacted products: FreeBSD.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 05/12/2018.
Identifiers: CVE-2018-17160, FreeBSD-SA-18:14.bhyve, VIGILANCE-VUL-27949.

Description of the vulnerability

An attacker, inside a guest system, can generate a buffer overflow via bhyve of FreeBSD, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 27897

FreeBSD: privilege escalation via Loader Password

Synthesis of the vulnerability

An attacker can bypass restrictions via Loader Password of FreeBSD, in order to escalate his privileges.
Impacted products: FreeBSD.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: physical access.
Creation date: 28/11/2018.
Identifiers: FreeBSD-EN-18:15.loader, VIGILANCE-VUL-27897.

Description of the vulnerability

An attacker can bypass restrictions via Loader Password of FreeBSD, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-6925

FreeBSD: denial of service via IPv6 listen

Synthesis of the vulnerability

An attacker can generate a fatal error via IPv6 listen() of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD, pfSense.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 28/09/2018.
Identifiers: CVE-2018-6925, FreeBSD-EN-18:11.listen, pfSense-SA-18_09.webgui, VIGILANCE-VUL-27360.

Description of the vulnerability

An attacker can generate a fatal error via IPv6 listen() of FreeBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about FreeBSD: