8.00 - 8.5X: CVE-2021-29627 & : Is it possible with these CVEs? #5
Comments
MrTweek1987
changed the title
|
The first is the one reported by flatz, and the security advisory states that it is "FreeBSD >=12.2". PS4's OS is based on FreeBSD 9. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2021-29627
In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly **freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free.**CVE-2021-29626
In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple processes allowing an unpriivleged process to maintain a mapping after it is freed, allowing the process to read private data belonging to other processes or the kernel.The text was updated successfully, but these errors were encountered: