version 1.17, 2017/07/05 15:56:53 |
version 1.18, 2017/08/03 16:48:08 |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
<li id="p015_sigio"> |
|
<font color="#009000"> |
|
<strong>015: RELIABILITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
A SIGIO-related use-after-free can occur in two drivers. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/015_sigio.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p016_sendsyslog"> |
|
<font color="#009000"> |
|
<strong>016: RELIABILITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
A missing length check in sendsyslog() may result in a kernel panic. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/016_sendsyslog.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p017_fuse"> |
|
<font color="#009000"> |
|
<strong>017: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE) |
|
may result in a kernel panic or info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/017_fuse.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p018_recv"> |
|
<font color="#009000"> |
|
<strong>018: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An alignment issue in recv() may result in an info leak via ktrace(). |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/018_recv.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p019_tcp_usrreq"> |
|
<font color="#009000"> |
|
<strong>019: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
With an invalid address family, tcp_usrreq() may take an unintended code path. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/019_tcp_usrreq.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p020_sockaddr"> |
|
<font color="#009000"> |
|
<strong>020: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
Missing socket address validation from userland may result in an info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/020_sockaddr.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p021_ptrace"> |
|
<font color="#009000"> |
|
<strong>021: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An uninitialized variable in ptrace() may result in an info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/021_ptrace.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p022_fcntl"> |
|
<font color="#009000"> |
|
<strong>022: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An uninitialized variable in fcntl() may result in an info leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/022_fcntl.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p023_wsdisplay"> |
|
<font color="#009000"> |
|
<strong>023: RELIABILITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds |
|
read. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/023_wsdisplay.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p024_sosplice"> |
|
<font color="#009000"> |
|
<strong>024: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
A race condition in sosplice() may result in a kernel memory leak. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/024_sosplice.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p025_ieee80211"> |
|
<font color="#009000"> |
|
<strong>025: SECURITY FIX: August 3, 2017</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
An out of bounds read could occur during processing of EAPOL frames in |
|
the wireless stack. Information from kernel memory could be leaked to |
|
root in userland via an ieee80211(9) ioctl. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/025_ieee80211.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
</ul> |
</ul> |
|
|
<hr> |
<hr> |