mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
172 lines
5.9 KiB
JSON
172 lines
5.9 KiB
JSON
{
|
|
"id": "CVE-2021-29628",
|
|
"sourceIdentifier": "secteam@freebsd.org",
|
|
"published": "2021-05-28T15:15:08.627",
|
|
"lastModified": "2022-05-16T20:55:20.930",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En FreeBSD versiones 13.0-STABLE anteriores a n245764-876ffe28796c, versiones 12.2-STABLE anteriores a r369857, versiones 13.0-RELEASE anteriores a p1 y versiones 12.2-RELEASE anteriores a p7, una llamada al sistema que desencadena un fallo podr\u00eda causar que las protecciones SMAP sean deshabilitadas durante la llamada al sistema. Esta debilidad podr\u00eda ser combinada con otros bugs del kernel para dise\u00f1ar una explotaci\u00f3n"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-863"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:beta1-p1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "04A52071-1307-4038-ACDF-F69954E95A39"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "62A178A3-6A52-4981-9A27-FB07AD8AF778"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "54A487B1-E5CE-4C76-87E8-518D24C5D86D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9F084CAB-D138-4BF6-ABC2-2314F0FDE0D1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4C232CA9-FC15-4596-AA99-74509A714C12"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "25BD9C03-6219-49EB-B503-CD44A3B9AA0A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p6:*:*:*:*:*:*",
|
|
"matchCriteriaId": "900755CC-07EF-4799-B5B4-F3762B3650E8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "174265E7-6B73-4546-B4C7-3826C7EB5624"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta3-p1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EC7326E3-908D-47A1-B848-3AA7F34B3DD3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ADBA841F-5C83-4759-84B7-B59DA1B12EA8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6A8F38B3-A6DA-4178-A2BD-0D4F0267C384"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc5-p1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "00D28E4E-022B-482E-9952-7F7F47C427C2"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc",
|
|
"source": "secteam@freebsd.org",
|
|
"tags": [
|
|
"Exploit",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://security.netapp.com/advisory/ntap-20210713-0002/",
|
|
"source": "secteam@freebsd.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |