Total vulnerabilities in the database
In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB network drivers allows a malicious USB device to write beyond the end of an allocated network packet buffer.
| Software | From | Fixed in |
|---|---|---|
| freebsd / freebsd | 11.3 | 11.3.x |
| freebsd / freebsd | 11.3-p1 | 11.3-p1.x |
| freebsd / freebsd | 11.3-p3 | 11.3-p3.x |
| freebsd / freebsd | 11.3-p2 | 11.3-p2.x |
| freebsd / freebsd | 12.1-p1 | 12.1-p1.x |
| freebsd / freebsd | 12.1 | 12.1.x |
| freebsd / freebsd | 11.3-p4 | 11.3-p4.x |
| freebsd / freebsd | 11.3-p5 | 11.3-p5.x |
| freebsd / freebsd | 11.3-p6 | 11.3-p6.x |
| freebsd / freebsd | 12.1-p2 | 12.1-p2.x |
| freebsd / freebsd | 11.3-p7 | 11.3-p7.x |
| freebsd / freebsd | 12.1-p3 | 12.1-p3.x |
| freebsd / freebsd | 12.1-p4 | 12.1-p4.x |
| freebsd / freebsd | 11.3-p8 | 11.3-p8.x |
| freebsd / freebsd | 11.4 | 11.4.x |
| freebsd / freebsd | 11.3-p9 | 11.3-p9.x |
| freebsd / freebsd | 12.1-p6 | 12.1-p6.x |
| freebsd / freebsd | 11.3-p10 | 11.3-p10.x |
| freebsd / freebsd | 11.3-p11 | 11.3-p11.x |
| freebsd / freebsd | 11.4-p1 | 11.4-p1.x |
| freebsd / freebsd | 12.1-p7 | 12.1-p7.x |