| version 1.35, 2017/06/26 17:18:57 |
version 1.36, 2017/08/03 16:48:08 |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| |
<li id="p029_sigio"> |
| |
<font color="#009000"> |
| |
<strong>029: RELIABILITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
A SIGIO-related use-after-free can occur in two drivers. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/029_sigio.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p030_sendsyslog"> |
| |
<font color="#009000"> |
| |
<strong>030: RELIABILITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
A missing length check in sendsyslog() may result in a kernel panic. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/030_sendsyslog.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p031_fuse"> |
| |
<font color="#009000"> |
| |
<strong>031: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE) |
| |
may result in a kernel panic or info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/031_fuse.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p032_recv"> |
| |
<font color="#009000"> |
| |
<strong>032: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An alignment issue in recv() may result in an info leak via ktrace(). |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/032_recv.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p033_tcp_usrreq"> |
| |
<font color="#009000"> |
| |
<strong>033: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
With an invalid address family, tcp_usrreq() may take an unintended code path. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/033_tcp_usrreq.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p034_sockaddr"> |
| |
<font color="#009000"> |
| |
<strong>034: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
Missing socket address validation from userland may result in an info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/034_sockaddr.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p035_ptrace"> |
| |
<font color="#009000"> |
| |
<strong>035: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An uninitialized variable in ptrace() may result in an info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/035_ptrace.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p036_fcntl"> |
| |
<font color="#009000"> |
| |
<strong>036: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An uninitialized variable in fcntl() may result in an info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/036_fcntl.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p037_wsdisplay"> |
| |
<font color="#009000"> |
| |
<strong>037: RELIABILITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds |
| |
read. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/037_wsdisplay.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p038_sosplice"> |
| |
<font color="#009000"> |
| |
<strong>038: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
A race condition may result in a kernel memory leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/038_sosplice.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p039_ieee80211"> |
| |
<font color="#009000"> |
| |
<strong>039: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An out of bounds read could occur during processing of EAPOL frames in |
| |
the wireless stack. Information from kernel memory could be leaked to |
| |
root in userland via an ieee80211(9) ioctl. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/039_ieee80211.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| </ul> |
</ul> |
| |
|
| <hr> |
<hr> |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata60.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www