| version 1.17, 2017/07/05 15:56:53 |
version 1.18, 2017/08/03 16:48:08 |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| |
<li id="p015_sigio"> |
| |
<font color="#009000"> |
| |
<strong>015: RELIABILITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
A SIGIO-related use-after-free can occur in two drivers. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/015_sigio.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p016_sendsyslog"> |
| |
<font color="#009000"> |
| |
<strong>016: RELIABILITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
A missing length check in sendsyslog() may result in a kernel panic. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/016_sendsyslog.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p017_fuse"> |
| |
<font color="#009000"> |
| |
<strong>017: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE) |
| |
may result in a kernel panic or info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/017_fuse.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p018_recv"> |
| |
<font color="#009000"> |
| |
<strong>018: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An alignment issue in recv() may result in an info leak via ktrace(). |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/018_recv.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p019_tcp_usrreq"> |
| |
<font color="#009000"> |
| |
<strong>019: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
With an invalid address family, tcp_usrreq() may take an unintended code path. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/019_tcp_usrreq.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p020_sockaddr"> |
| |
<font color="#009000"> |
| |
<strong>020: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
Missing socket address validation from userland may result in an info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/020_sockaddr.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p021_ptrace"> |
| |
<font color="#009000"> |
| |
<strong>021: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An uninitialized variable in ptrace() may result in an info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/021_ptrace.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p022_fcntl"> |
| |
<font color="#009000"> |
| |
<strong>022: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An uninitialized variable in fcntl() may result in an info leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/022_fcntl.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p023_wsdisplay"> |
| |
<font color="#009000"> |
| |
<strong>023: RELIABILITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds |
| |
read. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/023_wsdisplay.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p024_sosplice"> |
| |
<font color="#009000"> |
| |
<strong>024: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
A race condition in sosplice() may result in a kernel memory leak. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/024_sosplice.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| |
<li id="p025_ieee80211"> |
| |
<font color="#009000"> |
| |
<strong>025: SECURITY FIX: August 3, 2017</strong></font> |
| |
<i>All architectures</i> |
| |
<br> |
| |
An out of bounds read could occur during processing of EAPOL frames in |
| |
the wireless stack. Information from kernel memory could be leaked to |
| |
root in userland via an ieee80211(9) ioctl. |
| |
<br> |
| |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/025_ieee80211.patch.sig"> |
| |
A source code patch exists which remedies this problem.</a> |
| |
<p> |
| |
|
| </ul> |
</ul> |
| |
|
| <hr> |
<hr> |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata61.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www