Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 24 Apr 2020 10:27:45 -0400
From:      "Dan Langille" <dan@langille.org>
To:        "Gordon Tetlow" <gordon@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r532291 - head/security/vuxml
Message-ID:  <cd72f119-1e0f-44a4-baf2-717c27628db7@www.fastmail.com>
In-Reply-To: <cee1f409-a1e9-4df7-ad2c-5550d527e5ee@www.fastmail.com>
References:  <202004211829.03LITxve044691@repo.freebsd.org> <cee1f409-a1e9-4df7-ad2c-5550d527e5ee@www.fastmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help


On Wed, Apr 22, 2020, at 1:25 PM, Dan Langille wrote:
> On Tue, Apr 21, 2020, at 2:29 PM, Gordon Tetlow wrote:
> > Author: gordon (src committer)
> > Date: Tue Apr 21 18:29:59 2020
> > New Revision: 532291
> > URL: https://svnweb.freebsd.org/changeset/ports/532291
> > 
> > Log:
> >   Add new entries for SA-20:10 and SA-20:11.
> > 
> > Modified:
> >   head/security/vuxml/vuln.xml
> > 
> > Modified: head/security/vuxml/vuln.xml
> > ==============================================================================
> > --- head/security/vuxml/vuln.xml	Tue Apr 21 18:22:15 2020	(r532290)
> > +++ head/security/vuxml/vuln.xml	Tue Apr 21 18:29:59 2020	(r532291)
> > @@ -58,6 +58,71 @@ Notes:
> >    * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
> >  -->
> 
> [snip]
> 
> > +
> > +  <vuln vid="33edcc56-83f2-11ea-92ab-00163e433440">
> > +    <topic>FreeBSD -- ipfw invalid mbuf handling</topic>
> > +    <affects>
> > +      <package>
> > +	<name>FreeBSD-kernel</name>
> > +	<range><ge>12.1</ge><lt>12.1_4</lt></range>
> > +	<range><ge>11.3</ge><lt>11.3_8</lt></range>
> > +      </package>
> > +    </affects>
> > +    <description>
> > +      <body xmlns="http://www.w3.org/1999/xhtml">;
> > +	<h1>Problem Description:</h1>
> > +	<p>Incomplete packet data validation may result in accessing
> > +	out-of-bounds memory (CVE-2019-5614) or may access memory after it has
> > +	been freed (CVE-2019-15874).</p>
> > +	<h1>Impact:</h1>
> > +	<p>Access to out of bounds or freed mbuf data can lead to a kernel panic or
> > +	other unpredictable results.</p>
> > +      </body>
> > +    </description>
> > +    <references>
> > +      <cvename>CVE-2019-5614</cvename>
> > +      <cvename>CVE-2019-15874</cvename>
> > +      <freebsdsa>SA-20:10.ipfw</freebsdsa>
> > +    </references>
> > +    <dates>
> > +      <discovery>2020-04-21</discovery>
> > +      <entry>2020-04-21</entry>
> > +    </dates>
> > +  </vuln>
> > +
> >    <vuln vid="9fbaefb3-837e-11ea-b5b4-641c67a117d8">
> >      <topic>py-twisted -- multiple vulnerabilities</topic>
> >      <affects>
> >
> 
> This entry is raising a false positive on patched systems. To reproduce:
> 
> freebsd-update fetch install
> reboot
> pkg install base-audit
> add security_status_baseaudit_enable="YES" to /etc/periodic.conf
> pkg audit -F
> /usr/local/etc/periodic/security/405.pkg-base-audit
> 
> $ freebsd-version -uk
> 12.1-RELEASE-p3
> 12.1-RELEASE-p4
> 
> $ /usr/local/etc/periodic/security/405.pkg-base-audit
> 
> Checking for security vulnerabilities in base (userland & kernel):
> Host system:
> Database fetched: Wed Apr 22 11:30:00 UTC 2020
> FreeBSD-kernel-12.1_3 is vulnerable:
> FreeBSD -- ipfw invalid mbuf handling
> CVE: CVE-2019-15874
> CVE: CVE-2019-5614
> WWW: https://vuxml.FreeBSD.org/freebsd/33edcc56-83f2-11ea-92ab-00163e433440.html
> 
> 1 problem(s) in 1 installed package(s) found.
> 0 problem(s) in 0 installed package(s) found.

PR raised: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245878

-- 
  Dan Langille
  dan@langille.org



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cd72f119-1e0f-44a4-baf2-717c27628db7>