VYPR

cryptodev module

by FreeBSD

CVEs (2)

  • CVE-2019-15880CriMay 13, 2020
    risk 0.64cvss 9.8epss 0.02

    In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic.

  • CVE-2019-15879HigMay 13, 2020
    risk 0.48cvss 7.4epss 0.01

    In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite…