GCVE - cpe:2.3:o:freebsd:freebsd:12.3:beta1:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:12.3:beta1:*:*:*:*:*:*

part: o version: 12.3 update: beta1

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.165298

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-23093`	vulnerable	2026-06-08 05:40:56.282889	Stack overflow in ping(8) ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header. The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes. The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash. The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur. Published: 2024-02-15T05:18:44.628Z Updated: 2024-10-28T18:30:58.278Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-22:15.ping.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-23091`	vulnerable	2026-06-08 05:40:56.280057	Memory disclosure by stale virtual memory mapping A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel. Published: 2024-02-15T05:11:35.101Z Updated: 2025-02-13T16:29:02.596Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-22:11.vm.asc https://security.netapp.com/advisory/ntap-20240415-0008/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-23090`	vulnerable	2026-06-08 05:40:56.278851	AIO credential reference count leak The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free (UAF). Published: 2024-02-15T05:09:27.389Z Updated: 2025-03-28T23:57:52.965Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-22:10.aio.asc https://security.netapp.com/advisory/ntap-20240415-0007/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-23089`	vulnerable	2026-06-08 05:40:56.272415	Out of bound read in elf_note_prpsinfo() When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash. Published: 2024-02-15T05:07:13.996Z Updated: 2025-03-13T21:52:54.797Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-22:09.elf.asc https://security.netapp.com/advisory/ntap-20240415-0006/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.