git: 7c477710b303 - main - security/vuxml: add FreeBSD SA-22:07.wifi_meshid
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 07 Apr 2022 03:06:15 UTC
The branch main has been updated by philip:
URL: https://cgit.FreeBSD.org/ports/commit/?id=7c477710b3032f882739815c477319fe7ca6c467
commit 7c477710b3032f882739815c477319fe7ca6c467
Author: Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2022-04-07 03:05:55 +0000
Commit: Philip Paeps <philip@FreeBSD.org>
CommitDate: 2022-04-07 03:05:55 +0000
security/vuxml: add FreeBSD SA-22:07.wifi_meshid
---
security/vuxml/vuln-2022.xml | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml
index 7508ad2d1ca9..1938e3a16bee 100644
--- a/security/vuxml/vuln-2022.xml
+++ b/security/vuxml/vuln-2022.xml
@@ -1,3 +1,34 @@
+ <vuln vid="d4cc994f-b61d-11ec-9ebc-1c697aa5a594">
+ <topic>FreeBSD -- 802.11 heap buffer overflow</topic>
+ <affects>
+ <package>
+ <name>FreeBSD-kernel</name>
+ <range><ge>13.0</ge><lt>13.0_11</lt></range>
+ <range><ge>12.3</ge><lt>12.3_5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <h1>Problem Description:</h1>
+ <p>The 802.11 beacon handling routine failed to validate the length of
+ an IEEE 802.11s Mesh ID before copying it to a heap-allocated
+ buffer.</p>
+ <h1>Impact:</h1>
+ <p>While a FreeBSD Wi-Fi client is in scanning mode (i.e., not
+ associated with a SSID) a malicious beacon frame may overwrite kernel
+ memory, leading to remote code execution.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2022-23088</cvename>
+ <freebsdsa>SA-22:07.wifi_meshid</freebsdsa>
+ </references>
+ <dates>
+ <discovery>2022-04-06</discovery>
+ <entry>2022-04-07</entry>
+ </dates>
+ </vuln>
+
<vuln vid="703c4761-b61d-11ec-9ebc-1c697aa5a594">
<topic>FreeBSD -- mpr/mps/mpt driver ioctl heap out-of-bounds write</topic>
<affects>