The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of OpenBSD

vulnerability announce CVE-2019-1125

Intel 64-bit CPU: information disclosure via SWAPGS

Synthesis of the vulnerability

A local attacker can read a memory fragment via SWAPGS of Intel 64-bit CPU, in order to obtain sensitive information.
Impacted products: SNS, Arkoon FAST360, Debian, BIG-IP Hardware, TMOS, Fedora, Linux, McAfee Email Gateway, McAfee Web Gateway, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 2019, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, NETASQ, OpenBSD, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 07/08/2019.
Identifiers: CERTFR-2019-AVI-375, CERTFR-2019-AVI-376, CERTFR-2019-AVI-381, CERTFR-2019-AVI-390, CERTFR-2019-AVI-391, CERTFR-2019-AVI-392, CERTFR-2019-AVI-417, CERTFR-2019-AVI-418, CERTFR-2019-AVI-428, CERTFR-2019-AVI-440, CERTFR-2019-AVI-458, CERTFR-2019-AVI-467, CERTFR-2019-AVI-486, CVE-2019-1125, DLA-1884-1, DLA-1885-1, DSA-4495-1, DSA-4497-1, FEDORA-2019-6bda4c81f4, FEDORA-2019-e37c348348, K31085564, openSUSE-SU-2019:1923-1, openSUSE-SU-2019:1924-1, RHSA-2019:2405-01, RHSA-2019:2411-01, RHSA-2019:2473-01, RHSA-2019:2476-01, RHSA-2019:2600-01, RHSA-2019:2609-01, RHSA-2019:2695-01, RHSA-2019:2696-01, RHSA-2019:2730-01, RHSA-2019:2899-01, RHSA-2019:2900-01, RHSA-2019:2975-01, SB10297, SSA:2019-226-01, STORM-2019-007, SUSE-SU-2019:14157-1, SUSE-SU-2019:2068-1, SUSE-SU-2019:2069-1, SUSE-SU-2019:2070-1, SUSE-SU-2019:2071-1, SUSE-SU-2019:2072-1, SUSE-SU-2019:2073-1, SUSE-SU-2019:2262-1, SUSE-SU-2019:2263-1, SUSE-SU-2019:2299-1, SUSE-SU-2019:2430-1, SUSE-SU-2019:2450-1, SWAPGS, Synology-SA-19:32, USN-4093-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4096-1, VIGILANCE-VUL-29962.

Description of the vulnerability

A local attacker can read a memory fragment via SWAPGS of Intel 64-bit CPU, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-8460

OpenBSD: denial of service via TCP SACK Holes Chains

Synthesis of the vulnerability

An attacker can trigger a fatal error via TCP SACK Holes Chains of OpenBSD, in order to trigger a denial of service.
Impacted products: Data ONTAP 7-Mode, OpenBSD.
Severity: 2/4.
Consequences: denial of service on server.
Provenance: internet client.
Creation date: 25/07/2019.
Identifiers: CVE-2019-8460, NTAP-20190905-0001, VIGILANCE-VUL-29880.

Description of the vulnerability

An attacker can trigger a fatal error via TCP SACK Holes Chains of OpenBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-12126 CVE-2018-12127 CVE-2018-12130

Intel processors: information disclosure via performance measurement

Synthesis of the vulnerability

An attacker can measure performances of his process, in order to get sensitive information about other process or, if the host is virtualized, about other guest systems.
Impacted products: XenServer, Debian, Fedora, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, HP ProLiant, QRadar SIEM, Linux, McAfee Email Gateway, McAfee NSM, McAfee NSP, McAfee NTBA, McAfee Web Gateway, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 2019, Windows 7, Windows 8, Windows RT, OpenBSD, openSUSE Leap, PAN-OS, pfSense, RHEL, SIMATIC, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, ESXi, vCenter Server, VMware vSphere Hypervisor, Xen.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 4.
Creation date: 15/05/2019.
Revision date: 15/05/2019.
Identifiers: 1074268, CERTFR-2019-AVI-209, CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-213, CERTFR-2019-AVI-215, CERTFR-2019-AVI-217, CERTFR-2019-AVI-229, CERTFR-2019-AVI-230, CERTFR-2019-AVI-233, CERTFR-2019-AVI-311, CERTFR-2019-AVI-458, CERTFR-2019-AVI-489, CTX251995, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, DLA-1787-1, DLA-1789-1, DLA-1789-2, DLA-1799-1, DLA-1799-2, DSA-4444-1, DSA-4447-1, DSA-4447-2, FEDORA-2019-0731828893, FEDORA-2019-1f5832fc0e, FEDORA-2019-640f8d8dd1, FEDORA-2019-6458474bf2, FEDORA-2019-c36afa818c, FEDORA-2019-e6bf55e821, FEDORA-2019-eb08fb0c5f, FG-IR-18-002, FreeBSD-SA-19:07.mds, HPESBHF03933, INTEL-SA-00233, openSUSE-SU-2019:1402-1, openSUSE-SU-2019:1403-1, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1405-1, openSUSE-SU-2019:1407-1, openSUSE-SU-2019:1408-1, openSUSE-SU-2019:1419-1, openSUSE-SU-2019:1420-1, openSUSE-SU-2019:1468-1, openSUSE-SU-2019:1505-1, openSUSE-SU-2019:1805-1, openSUSE-SU-2019:1806-1, PAN-SA-2019-0012, RHSA-2019:1155-01, RHSA-2019:1167-01, RHSA-2019:1168-01, RHSA-2019:1169-01, RHSA-2019:1170-01, RHSA-2019:1171-01, RHSA-2019:1172-01, RHSA-2019:1174-01, RHSA-2019:1175-01, RHSA-2019:1176-01, RHSA-2019:1177-01, RHSA-2019:1178-01, RHSA-2019:1180-01, RHSA-2019:1181-01, RHSA-2019:1182-01, RHSA-2019:1183-01, RHSA-2019:1184-01, RHSA-2019:1185-01, RHSA-2019:1186-01, RHSA-2019:1187-01, RHSA-2019:1188-01, RHSA-2019:1189-01, RHSA-2019:1190-01, RHSA-2019:1193-01, RHSA-2019:1194-01, RHSA-2019:1195-01, RHSA-2019:1196-01, RHSA-2019:1197-01, RHSA-2019:1198-01, SB10292, SSA-608355, SSA-616472, SUSE-SU-2019:1235-1, SUSE-SU-2019:1236-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1243-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1248-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:1296-1, SUSE-SU-2019:1313-1, SUSE-SU-2019:1347-1, SUSE-SU-2019:1348-1, SUSE-SU-2019:1349-1, SUSE-SU-2019:1356-1, SUSE-SU-2019:1371-1, SUSE-SU-2019:14048-1, SUSE-SU-2019:14051-1, SUSE-SU-2019:14052-1, SUSE-SU-2019:14063-1, SUSE-SU-2019:14133-1, SUSE-SU-2019:1423-1, SUSE-SU-2019:1438-1, SUSE-SU-2019:1452-1, SUSE-SU-2019:1490-1, SUSE-SU-2019:1547-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1909-1, SUSE-SU-2019:1910-1, SUSE-SU-2019:1954-1, SUSE-SU-2019:2430-1, Synology-SA-19:24, USN-3977-1, USN-3977-2, USN-3977-3, USN-3978-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, USN-3983-1, USN-3983-2, USN-3984-1, USN-3985-1, USN-3985-2, VIGILANCE-VUL-29300, VMSA-2019-0008, XSA-297, ZombieLoad.

Description of the vulnerability

An attacker can measure performances of his process, in order to get sensitive information about other process or, if the host is virtualized, about other guest systems.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 29177

OpenBSD: denial of service via IPv6

Synthesis of the vulnerability

A local attacker can create malicious IPv6 packets to OpenBSD, in order to trigger a denial of service.
Impacted products: OpenBSD.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: privileged shell.
Creation date: 02/05/2019.
Identifiers: VIGILANCE-VUL-29177.

Description of the vulnerability

A local attacker can create malicious IPv6 packets to OpenBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note 28874

OpenBSD: privilege escalation via vmmints

Synthesis of the vulnerability

An attacker can bypass restrictions via vmmints of OpenBSD, in order to escalate his privileges.
Impacted products: OpenBSD.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 27/03/2019.
Identifiers: VIGILANCE-VUL-28874.

Description of the vulnerability

An attacker can bypass restrictions via vmmints of OpenBSD, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note 28374

OpenBSD: memory leak via unveil

Synthesis of the vulnerability

An attacker can create a memory leak via unveil() of OpenBSD, in order to trigger a denial of service.
Impacted products: OpenBSD.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 28/01/2019.
Identifiers: VIGILANCE-VUL-28374.

Description of the vulnerability

An attacker can create a memory leak via unveil() of OpenBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 28373

OpenBSD: denial of service via NFS

Synthesis of the vulnerability

An attacker can trigger a fatal error via NFS of OpenBSD, in order to trigger a denial of service.
Impacted products: OpenBSD.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user account.
Creation date: 28/01/2019.
Identifiers: VIGILANCE-VUL-28373.

Description of the vulnerability

An attacker can trigger a fatal error via NFS of OpenBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 28372

OpenBSD: information disclosure via mincore

Synthesis of the vulnerability

A local attacker can read a memory fragment via mincore() of OpenBSD, in order to obtain sensitive information.
Impacted products: OpenBSD.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 28/01/2019.
Identifiers: VIGILANCE-VUL-28372.

Description of the vulnerability

A local attacker can read a memory fragment via mincore() of OpenBSD, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 28102

OpenBSD: buffer overflow via setsockopt

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via setsockopt() of OpenBSD, in order to trigger a denial of service, and possibly to run code.
Impacted products: OpenBSD.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 27/12/2018.
Identifiers: VIGILANCE-VUL-28102.

Description of the vulnerability

An attacker can trigger a buffer overflow via setsockopt() of OpenBSD, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 28052

OpenBSD: assertion error via recv MSG_WAITALL

Synthesis of the vulnerability

An attacker can force an assertion error via recv() MSG_WAITALL of OpenBSD, in order to trigger a denial of service.
Impacted products: OpenBSD.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 19/12/2018.
Identifiers: VIGILANCE-VUL-28052.

Description of the vulnerability

An attacker can force an assertion error via recv() MSG_WAITALL of OpenBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about OpenBSD: