FreeBSD 11.0 -
Approved changes feed: RSS · Atom
cpe:2.3:o:freebsd:freebsd:11.0:-:*:*:*:*:*:*
part: o version: 11.0 update: -
| Vendor | Freebsd (1e86ea60-a74f-5f45-ac35-3eb819c9e064) |
|---|---|
| Product | Freebsd (be9b20ed-2a20-5a94-a224-b1a6fdcacb17) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/freebsd/freebsd-src |
purl2cpe | 2026-06-01 10:12:45.165133 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-5607 |
vulnerable | 2026-06-08 05:14:07.820107 |
Details available
In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350223, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, rights transmitted over a domain socket did not properly release a reference on transmission error allowing a malicious user to cause the reference counter to wrap, forcing a free event. This could allow a malicious local user to gain root privileges or escape from a jail.
Published: 2019-07-26T00:28:44.000Z
Updated: 2024-08-04T20:01:51.838Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5606 |
vulnerable | 2026-06-08 05:14:07.819515 |
Details available
In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r349806, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, code which handles close of a descriptor created by posix_openpt fails to undo a signal configuration. This causes an incorrect signal to be raised leading to a write after free of kernel memory allowing a malicious user to gain root privileges or escape a jail.
Published: 2019-07-26T00:33:33.000Z
Updated: 2024-08-04T20:01:51.956Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5605 |
vulnerable | 2026-06-08 05:14:07.818464 |
Details available
In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, due to insufficient initialization of memory copied to userland in the freebsd32_ioctl interface, small amounts of kernel memory may be disclosed to userland processes. This may allow an attacker to leverage this information to obtain elevated privileges either directly or indirectly.
Published: 2019-07-26T00:09:11.000Z
Updated: 2024-08-04T20:01:51.696Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5604 |
vulnerable | 2026-06-08 05:14:07.817289 |
Details available
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest, allowing an out-of-bounds read. This provides a malicious guest the possibility to crash the system or access system memory.
Published: 2019-07-26T00:24:10.000Z
Updated: 2024-08-04T20:01:52.138Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5603 |
vulnerable | 2026-06-08 05:14:07.809523 |
Details available
In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, system calls operating on file descriptors as part of mqueuefs did not properly release the reference allowing a malicious user to overflow the counter allowing access to files, directories, and sockets opened by processes owned by other users.
Published: 2019-07-26T00:16:10.000Z
Updated: 2024-08-04T20:01:51.991Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.