version 1.35, 2017/06/26 17:18:57 |
version 1.36, 2017/08/03 16:48:08 |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
<li id="p029_sigio"> |
|
<font color="#009000"> |
|
<strong>029: RELIABILITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
A SIGIO-related use-after-free can occur in two drivers. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/029_sigio.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p030_sendsyslog"> |
|
<font color="#009000"> |
|
<strong>030: RELIABILITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
A missing length check in sendsyslog() may result in a kernel panic. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/030_sendsyslog.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p031_fuse"> |
|
<font color="#009000"> |
|
<strong>031: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE) |
|
may result in a kernel panic or info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/031_fuse.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p032_recv"> |
|
<font color="#009000"> |
|
<strong>032: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An alignment issue in recv() may result in an info leak via ktrace(). |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/032_recv.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p033_tcp_usrreq"> |
|
<font color="#009000"> |
|
<strong>033: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
With an invalid address family, tcp_usrreq() may take an unintended code path. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/033_tcp_usrreq.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p034_sockaddr"> |
|
<font color="#009000"> |
|
<strong>034: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
Missing socket address validation from userland may result in an info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/034_sockaddr.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p035_ptrace"> |
|
<font color="#009000"> |
|
<strong>035: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An uninitialized variable in ptrace() may result in an info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/035_ptrace.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p036_fcntl"> |
|
<font color="#009000"> |
|
<strong>036: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An uninitialized variable in fcntl() may result in an info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/036_fcntl.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p037_wsdisplay"> |
|
<font color="#009000"> |
|
<strong>037: RELIABILITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds |
|
read. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/037_wsdisplay.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p038_sosplice"> |
|
<font color="#009000"> |
|
<strong>038: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
A race condition may result in a kernel memory leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/038_sosplice.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p039_ieee80211"> |
|
<font color="#009000"> |
|
<strong>039: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An out of bounds read could occur during processing of EAPOL frames in |
|
the wireless stack. Information from kernel memory could be leaked to |
|
root in userland via an ieee80211(9) ioctl. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/039_ieee80211.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
</ul> |
</ul> |
|
|
<hr> |
<hr> |