PT-2019-17772 · Freebsd · Freebsd

Publicado

2019-07-02

Atualizado

2020-08-24

CVE-2019-5602

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 12.0-RELEASE-p7 FreeBSD versions prior to 11.3-RC3-p1 FreeBSD versions prior to 11.2-RELEASE-p11

Description A bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory when media is present, thereby allowing a malicious user in the operator group to gain root privileges.

Recommendations For versions prior to 12.0-RELEASE-p7, update to 12.0-RELEASE-p7 or later. For versions prior to 11.3-RC3-p1, update to 11.3-RC3-p1 or later. For versions prior to 11.2-RELEASE-p11, update to 11.2-RELEASE-p11 or later.

Correção

Incorrect Authorization

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863CWE-787

Identificadores relacionados

CVE-2019-5602

FREEBSD-SA-19_11

Produtos afetados

Freebsd

PT-2019-17772 · Freebsd · Freebsd

CVE-2019-5602

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4