Debian Linux Security Advisory 3070-1 - Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or information disclosure.
35934d202298475350a39abfefbd1bbc283d954535307ddb4cbccb516374b025FreeBSD Security Advisory - The control message API is used to construct ancillary data objects for use in control messages sent and received across sockets and passed via the recvmsg(2) and sendmsg(2) system calls. Buffer between control message header and data may not be completely initialized before being copied to userland. Three SCTP cmsgs, SCTP_SNDRCV, SCTP_EXTRCV and SCTP_RCVINFO, have implicit padding that may not be completely initialized before being copied to userland. In addition, three SCTP notifications, SCTP_PEER_ADDR_CHANGE, SCTP_REMOTE_ERROR and SCTP_AUTHENTICATION_EVENT, have padding in the returning data structure that may not be completely initialized before being copied to userland.
767bd2e96e787b131cd8f9c4eb988ad4be4310a86c53084903b0b9dcb602b805
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed