admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-296xx/CVE-2021-29626.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

224 lines
8.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-29626",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2021-04-07T15:15:13.700",
"lastModified": "2022-05-27T13:22:42.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple processes allowing an unprivileged process to maintain a mapping after it is freed, allowing the process to read private data belonging to other processes or the kernel."
},
{
"lang": "es",
"value": "En FreeBSD versiones 13.0-STABLE anteriores a n245117, versiones 12.2-STABLE anteriores a r369551, versiones 11.4-STABLE anteriores a r369559, versiones 13.0-RC5 anteriores a p1, versiones 12.2-RELEASE anteriores a p6 y versiones 11.4-RELEASE anteriores a p9, la l\u00f3gica de copy-on-write fallaba al invalidar las asignaciones de p\u00e1ginas de memoria compartida entre m\u00faltiples procesos, permitiendo que un proceso sin privilegios mantuviera una asignaci\u00f3n despu\u00e9s de ser liberada, permitiendo que el proceso leyera datos privados pertenecientes a otros procesos o al kernel"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.4",
"matchCriteriaId": "55C77F87-F478-418A-861F-554D2196090B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.2",
"matchCriteriaId": "17AC6343-11EC-4586-91EB-D7C4D4C1699E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:*",
"matchCriteriaId": "4A865EA1-01D7-4E5A-9D13-80780F8A9D7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B80FBD1B-D03E-4408-9150-2F86FAF7F1D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "9FCA6A72-2A72-45FD-A43D-B5BF7C329121"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "90F9B3CB-3B60-4AA8-9EAF-4F0BE7D27691"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "C04EE177-C7D1-4049-B680-F961A27C677F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "218AF216-7B03-4C02-B55F-2316AF14074B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "33266717-0359-4243-868B-B84436E2A89E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2B0FB7BE-DB4E-47CE-8B51-C43DC5AADD17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:11.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D427061-B399-47BA-865D-9FAB315210CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*",
"matchCriteriaId": "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "62A178A3-6A52-4981-9A27-FB07AD8AF778"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "54A487B1-E5CE-4C76-87E8-518D24C5D86D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7412DBD8-BB1F-48A8-AAE1-BA5C8D7BDDF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "833DFF5B-BC50-424A-ABCF-EC632F421B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "9F27016E-4117-4094-BB7A-9C56E38024D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "B149BF69-951D-47B4-996C-9E4773DA75B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC271C93-EB83-4301-B7BA-F3249B71B1EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "04329338-AC28-4A74-BE6B-CE8EC6CC37B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "ADBA841F-5C83-4759-84B7-B59DA1B12EA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6A8F38B3-A6DA-4178-A2BD-0D4F0267C384"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "9BB028A0-70F6-42DA-9E5A-F7AAF74ED45B"
}
]
}
]
}
],
"references": [
{
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:08.vm.asc",
"source": "secteam@freebsd.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20210423-0008/",
"source": "secteam@freebsd.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink