Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openbsd
(Openbsd)Repositories | https://github.com/openbsd/src |
#Vulnerabilities | 185 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-06-19 | CVE-2017-1000373 | The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions. | Openbsd | 6.5 | ||
2017-03-07 | CVE-2016-6522 | Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6350 | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6247 | OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6246 | OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | Openbsd | 4.4 | ||
2017-03-07 | CVE-2016-6245 | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6244 | The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. | Openbsd | 7.5 | ||
2017-03-07 | CVE-2016-6243 | thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6242 | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6241 | Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | Openbsd | 7.8 |