FreeBSD 11.4 Patch 3
Approved changes feed: RSS · Atom
cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:*
part: o version: 11.4 update: p3
| Vendor | Freebsd (1e86ea60-a74f-5f45-ac35-3eb819c9e064) |
|---|---|
| Product | Freebsd (be9b20ed-2a20-5a94-a224-b1a6fdcacb17) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/freebsd/freebsd-src |
purl2cpe | 2026-06-01 10:12:45.165226 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-29631 |
vulnerable | 2026-06-08 05:31:26.653384 |
Details available
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. A malicious guest may cause the device model to operate on uninitialized I/O vectors leading to memory corruption, crashing of the bhyve process, and possibly arbitrary code execution in the bhyve process.
Published: 2021-08-30T18:00:15.000Z
Updated: 2024-08-03T22:11:06.287Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29630 |
vulnerable | 2026-06-08 05:31:26.645216 |
Details available
In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code.
Published: 2021-08-30T18:01:08.000Z
Updated: 2024-08-03T22:11:06.118Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29629 |
vulnerable | 2026-06-08 05:31:26.635477 |
Details available
In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius(3) could allow malicious clients or servers to trigger denial of service in vulnerable servers or clients respectively.
Published: 2021-05-28T14:06:47.000Z
Updated: 2024-08-03T22:11:06.353Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29626 |
vulnerable | 2026-06-08 05:31:26.607576 |
Details available
In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple processes allowing an unprivileged process to maintain a mapping after it is freed, allowing the process to read private data belonging to other processes or the kernel.
Published: 2021-04-07T14:48:32.000Z
Updated: 2024-08-03T22:11:06.402Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7469 |
vulnerable | 2026-06-08 05:27:13.137741 |
Details available
In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet buffer may be freed, rendering the cached pointer invalid. The network stack may later dereference the pointer, potentially triggering a use-after-free.
Published: 2021-06-04T11:55:55.000Z
Updated: 2024-08-04T09:33:19.700Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7468 |
vulnerable | 2026-06-08 05:27:13.136712 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7467 |
vulnerable | 2026-06-08 05:27:13.134772 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7464 |
vulnerable | 2026-06-08 05:27:13.125434 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25584 |
vulnerable | 2026-06-08 05:22:36.861186 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25583 |
vulnerable | 2026-06-08 05:22:36.859691 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25582 |
vulnerable | 2026-06-08 05:22:36.857970 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25581 |
vulnerable | 2026-06-08 05:22:36.856766 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25580 |
vulnerable | 2026-06-08 05:22:36.850567 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25579 |
vulnerable | 2026-06-08 05:22:36.848377 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25578 |
vulnerable | 2026-06-08 05:22:36.839476 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25577 |
vulnerable | 2026-06-08 05:22:36.835651 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-24718 |
vulnerable | 2026-06-08 05:22:35.416035 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.