Количество 3
Количество 3
CVE-2022-23085
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
GHSA-w8p8-q938-ccr8
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
BDU:2023-00490
Уязвимость функции nmreq_copyin() компонента netmap операционных систем FreeBSD, позволяющая нарушителю выполнить произвольный код в контексте ядра
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23085 A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment. | CVSS3: 8.2 | 0% Низкий | почти 2 года назад |
| GHSA-w8p8-q938-ccr8 A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment. | CVSS3: 9.8 | 0% Низкий | почти 2 года назад |
 | BDU:2023-00490 Уязвимость функции nmreq_copyin() компонента netmap операционных систем FreeBSD, позволяющая нарушителю выполнить произвольный код в контексте ядра | CVSS3: 8.2 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу