svn commit: r424640 - head/security/vuxml
Mark Felder
feld at FreeBSD.org
Tue Oct 25 17:56:11 UTC 2016
Author: feld
Date: Tue Oct 25 17:56:09 2016
New Revision: 424640
URL: https://svnweb.freebsd.org/changeset/ports/424640
Log:
Document revised FreeBSD-SA-16:15.sysarch
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Tue Oct 25 17:51:49 2016 (r424639)
+++ head/security/vuxml/vuln.xml Tue Oct 25 17:56:09 2016 (r424640)
@@ -3099,9 +3099,11 @@ and CVE-2013-0155.</p>
<affects>
<package>
<name>FreeBSD-kernel</name>
- <range><ge>10.2</ge><lt>10.2_14</lt></range>
- <range><ge>10.1</ge><lt>10.1_31</lt></range>
- <range><ge>9.3</ge><lt>9.3_39</lt></range>
+ <range><ge>11.0</ge><lt>11.0_2</lt></range>
+ <range><ge>10.3</ge><lt>10.3_11</lt></range>
+ <range><ge>10.2</ge><lt>10.2_24</lt></range>
+ <range><ge>10.1</ge><lt>10.1_41</lt></range>
+ <range><ge>9.3</ge><lt>9.3_49</lt></range>
</package>
</affects>
<description>
@@ -3110,10 +3112,10 @@ and CVE-2013-0155.</p>
<p>A special combination of sysarch(2) arguments, specify
a request to uninstall a set of descriptors from the LDT.
The start descriptor is cleared and the number of descriptors
- are provided. Due to invalid use of a signed intermediate
- value in the bounds checking during argument validity
- verification, unbound zero'ing of the process LDT and
- adjacent memory can be initiated from usermode.</p>
+ are provided. Due to lack of sufficient bounds checking
+ during argument validity verification, unbound zero'ing of
+ the process LDT and adjacent memory can be initiated from
+ usermode.</p>
<h1>Impact:</h1>
<p>This vulnerability could cause the kernel to panic. In
addition it is possible to perform a local Denial of Service
@@ -3127,6 +3129,7 @@ and CVE-2013-0155.</p>
<dates>
<discovery>2016-03-16</discovery>
<entry>2016-08-11</entry>
+ <modified>2016-10-25</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list