Jesse Hertz

**Nome do software vulnerável e versões afetadas** Versões do qDecoder anteriores à 12.1.0 **Descrição** O problema decorre da falha em garantir que o caractere de porcentagem seja seguido por dois dígitos hexadecimais na decodificação de URLs. Isso pode levar a possíveis problemas de segurança. **Recomendações** Para versões anteriores à 12.1.0, atualize para a versão 12.1.0 ou posterior para resolver o problema. Como solução temporária, considere implementar uma validação adicional para a decodificação de URL, a fim de garantir que o caractere de porcentagem seja seguido corretamente por dois dígitos hexadecimais.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue allows certain local users with kern.usermount privileges to cause a denial of service, resulting in a kernel panic. This can be achieved by mounting a tmpfs with a VNOVAL in the `username`, `groupname`, or `device name` of the root node. The problem exists due to insufficient input validation. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting the kern.usermount privileges to prevent local users from mounting tmpfs with malicious settings until a patch is available. As a temporary workaround, avoid using VNOVAL in the `username`, `groupname`, or `device name` of the root node when mounting a tmpfs.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue is related to errors in the code of the OpenBSD operating system. It can be exploited by a local attacker to cause a denial of service, resulting in a kernel panic, by using a large size in a `getdents` system call. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting the use of the `getdents` system call to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the size of the system call to prevent a kernel panic. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue is related to insufficient input validation in the `thrsleep` function in `kern/kern synch.c`. This allows a local user to cause a denial of service, specifically a kernel panic, by providing a crafted value in the `tsp` parameter of the ` thrsleep` system call. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting access to the ` thrsleep` system call until a patch is available. As a temporary workaround, avoid using the `tsp` parameter in the ` thrsleep` system call to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue is related to errors in number handling within the OpenBSD operating system. It can be exploited by a local attacker to cause a denial of service, resulting in an "Assertion failure" error message and a kernel panic, by using a large `ident` value in the `kevent` system call. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting the use of large `ident` values in the `kevent` system call to minimize the risk of exploitation. As a temporary workaround, avoid using the `kevent` system call with large `ident` values until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue allows certain local users to cause a denial of service, resulting in a kernel panic. This can be achieved by unmounting a filesystem with an open vnode on the mnt vnodelist. The problem exists due to insufficient input validation in the operating system. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting the ability to unmount filesystems with open vnodes as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue is related to an integer truncation error in the `amap alloc` function, which can be exploited by local users to execute arbitrary code with kernel privileges. This can be achieved by providing a large size value. The error is associated with improper handling of numbers. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting access to the `amap alloc` function until a patch is available. As a temporary workaround, avoid using large size values in the `amap alloc` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue allows attackers to cause a denial of service, resulting in a kernel panic and crash, by exploiting the mmap extension MAP NOFAULT with a large size value. This is due to insufficient input validation in the mmap extension. The exploitation can be performed by a local attacker. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting the use of the mmap extension MAP NOFAULT until a patch is available to prevent potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue allows local users to cause a denial of service, resulting in a NULL pointer dereference and panic. This can be achieved via a sysctl call with a path starting with `10,9`. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting access to sysctl calls to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenBSD version 5.9 **Description** The issue is caused by an integer overflow in the `uvm map isavail` function, which can be triggered by a local user via a crafted `mmap` call. This results in a denial of service, specifically a kernel panic, when the new mapping overlaps with an existing mapping. **Recommendations** For OpenBSD version 5.9, consider applying configuration changes to restrict the use of the `mmap` system call to minimize the risk of exploitation. As a temporary workaround, restrict access to the `uvm map isavail` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 5.8 through 5.9 **Description** The issue is caused by an integer overflow in the `amap alloc1` function, which allows local users to execute arbitrary code with kernel privileges by providing a large size value. This can be exploited to gain elevated access to the system. **Recommendations** For OpenBSD versions 5.8 and 5.9, consider restricting access to the `amap alloc1` function until a patch is available. As a temporary workaround, avoid using large size values that could trigger the integer overflow in the `amap alloc1` function.