GCVE - cpe:2.3:o:freebsd:freebsd:11.3:rc3:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:11.3:rc3:*:*:*:*:*:*

part: o version: 11.3 update: rc3

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.165214

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-24718`	vulnerable	2026-06-08 05:22:35.412076	Details available bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP. Published: 2020-09-25T03:49:02.000Z Updated: 2024-08-04T15:19:09.334Z Open on db.gcve.eu Reference links https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249 https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc https://security.netapp.com/advisory/ntap-20201016-0002/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-5602`	vulnerable	2026-06-08 05:14:07.804173	Details available In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory when media is present thereby allowing a malicious user in the operator group to gain root privileges. Published: 2019-07-03T18:52:45.000Z Updated: 2024-08-04T20:01:51.518Z Open on db.gcve.eu Reference links https://security.FreeBSD.org/advisories/FreeBSD-SA-19:11.cd_ioctl.asc http://packetstormsecurity.com/files/153522/FreeBSD-Security-Advisory-FreeBSD-SA-19-11.cd_ioctl.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-5600`	vulnerable	2026-06-08 05:14:07.799922	Details available In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv implementation may allow an attacker to write past the end of an output buffer. Depending on the implementation, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. Published: 2019-07-03T18:50:23.000Z Updated: 2024-08-04T20:01:52.231Z Open on db.gcve.eu Reference links https://security.FreeBSD.org/advisories/FreeBSD-SA-19:09.iconv.asc http://packetstormsecurity.com/files/153520/FreeBSD-Security-Advisory-FreeBSD-SA-19-09.iconv.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.