Date: Tue, 9 Aug 2016 22:25:53 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r419975 - head/security/vuxml Message-ID: <201608092225.u79MPrwZ033263@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Tue Aug 9 22:25:52 2016 New Revision: 419975 URL: https://svnweb.freebsd.org/changeset/ports/419975 Log: Add missing FreeBSD SA vuxml entries for 2013 Entries that only affected BETA/RC releases were ignored Security: SA-13:10.sctp Security: SA-13:09.ip_multicast Security: SA-13:08.nfsserver Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Aug 9 21:41:25 2016 (r419974) +++ head/security/vuxml/vuln.xml Tue Aug 9 22:25:52 2016 (r419975) @@ -58,6 +58,106 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="dd48d9b9-5e7e-11e6-a6c3-14dae9d210b8"> + <topic>FreeBSD -- Kernel memory disclosure in sctp(4)</topic> + <affects> + <package> + <name>FreeBSD-kernel</name> + <range><ge>9.1</ge><lt>9.1_6</lt></range> + <range><ge>8.4</ge><lt>8.4_3</lt></range> + <range><ge>8.3</ge><lt>8.3_10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Problem Description:</p> + <p>When initializing the SCTP state cookie being sent in INIT-ACK chunks, + a buffer allocated from the kernel stack is not completely initialized.</p> + <p>Impact:</p> + <p>Fragments of kernel memory may be included in SCTP packets and + transmitted over the network. For each SCTP session, there are two + separate instances in which a 4-byte fragment may be transmitted.</p> + <p>This memory might contain sensitive information, such as portions of the + file cache or terminal buffers. This information might be directly + useful, or it might be leveraged to obtain elevated privileges in + some way. For example, a terminal buffer might include a user-entered + password.</p> + </body> + </description> + <references> + <freebsdsa>SA-13:10.sctp</freebsdsa> + <cvename>CVE-2013-5209</cvename> + </references> + <dates> + <discovery>2013-08-22</discovery> + <entry>2016-08-09</entry> + </dates> + </vuln> + + <vuln vid="0844632f-5e78-11e6-a6c3-14dae9d210b8"> + <topic>FreeBSD -- integer overflow in IP_MSFILTER</topic> + <affects> + <package> + <name>FreeBSD-kernel</name> + <range><ge>9.1</ge><lt>9.1_6</lt></range> + <range><ge>8.4</ge><lt>8.4_3</lt></range> + <range><ge>8.3</ge><lt>8.3_10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Problem Description:</p> + <p>An integer overflow in computing the size of a temporary + buffer can result in a buffer which is too small for the requested + operation.</p> + <p>Impact:</p> + <p>An unprivileged process can read or write pages of memory + which belong to the kernel. These may lead to exposure of sensitive + information or allow privilege escalation.</p> + </body> + </description> + <references> + <cvename>CVE-2013-3077</cvename> + <freebsdsa>SA-13:09.ip_multicast</freebsdsa> + </references> + <dates> + <discovery>2013-08-22</discovery> + <entry>2016-08-09</entry> + </dates> + </vuln> + + <vuln vid="e5d2442d-5e76-11e6-a6c3-14dae9d210b8"> + <topic>FreeBSD -- Incorrect privilege validation in the NFS server</topic> + <affects> + <package> + <name>FreeBSD-kernel</name> + <range><ge>9.1</ge><lt>9.1_5</lt></range> + <range><ge>8.3</ge><lt>8.3_9</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Problem Description:</p> + <p>The kernel incorrectly uses client supplied credentials + instead of the one configured in exports(5) when filling out the + anonymous credential for a NFS export, when -network or -host + restrictions are used at the same time.</p> + <p>Impact:</p> + <p>The remote client may supply privileged credentials (e.g. the + root user) when accessing a file under the NFS share, which will bypass + the normal access checks.</p> + </body> + </description> + <references> + <cvename>CVE-2013-4851</cvename> + <freebsdsa>SA-13:08.nfsserver</freebsdsa> + </references> + <dates> + <discovery>2013-07-06</discovery> + <entry>2016-08-09</entry> + </dates> + </vuln> + <vuln vid="6da45e38-5b55-11e6-8859-000c292ee6b8"> <topic>collectd -- Network plugin heap overflow</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608092225.u79MPrwZ033263>