CVE-2019-15879

Summary

In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory.

Affected Software

VendorProductVersion RangeStatus
n/aFreeBSDFreeBSD 12.1-RELEASE before p5, and 11.3-RELEASE before p9affected

Weaknesses

  • Use after free

ADP Enrichment

CVE Program Container

Additional References

References