CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-15879

In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.9%

CVSS Severity

CVSS v3 Score 7.4

CVSS v2 Score 5.8

References

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:15.cryptodev.asc
https://security.netapp.com/advisory/ntap-20200518-0005/
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:15.cryptodev.asc
https://security.netapp.com/advisory/ntap-20200518-0005/

Products affected by CVE-2019-15879

Freebsd » Freebsd » Version: 11.3

cpe:2.3:o:freebsd:freebsd:11.3
Freebsd » Freebsd » Version: 12.1

cpe:2.3:o:freebsd:freebsd:12.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-15879

Products

Pricing

Contact Us