Unrated severity · NVD Advisory · Published Jul 3, 2019 · Updated Aug 4, 2024
CVE-2019-5602
Description
In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory when media is present, thereby allowing a malicious user in the operator group to gain root privileges.
Affected products
- (no CPE) range: 12.0-STABLE < r349628, 12.0-RELEASE < p7, 11.3-PRERELEASE < r349629, 11.3-RC3 < p1, 11.2-RELEASE < p11
- (no CPE) range: FreeBSD 12.0 before 12.0-RELEASE-p7 and 11.2 before 11.2-RELEASE-p11
References
- security.freebsd.org/advisories/FreeBSD-SA-19:11.cd_ioctl.asc (mitre, vendor-advisory, x_refsource_FREEBSD)
- packetstormsecurity.com/files/153522/FreeBSD-Security-Advisory-FreeBSD-SA-19-11.cd_ioctl.html (mitre, x_refsource_MISC)