{"containers": {"cna": {"affected": [{"product": "FreeBSD", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 12.0-RELEASE-p10"}, {"status": "affected", "version": "before 11.3-RELEASE-p3"}, {"status": "affected", "version": "before 11.2-RELEASE-p14"}]}], "descriptions": [{"lang": "en", "value": "In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer."}], "problemTypes": [{"descriptions": [{"description": "Improper check for unusual conditions", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-09-10T14:06:14", "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190910-0002/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secteam@freebsd.org", "ID": "CVE-2019-5612", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FreeBSD", "version": {"version_data": [{"version_value": "before 12.0-RELEASE-p10"}, {"version_value": "before 11.3-RELEASE-p3"}, {"version_value": "before 11.2-RELEASE-p14"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper check for unusual conditions"}]}]}, "references": {"reference_data": [{"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc", "refsource": "CONFIRM", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc"}, {"name": "https://security.netapp.com/advisory/ntap-20190910-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190910-0002/"}]}}}}, "cveMetadata": {"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "assignerShortName": "freebsd", "cveId": "CVE-2019-5612", "datePublished": "2019-08-29T22:31:46", "dateReserved": "2019-01-07T00:00:00", "dateUpdated": "2019-09-10T14:06:14", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*", "matchCriteriaId": "3ACD1D8D-B3BC-4E99-B846-90A4071DB87B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p10:*:*:*:*:*:*", "matchCriteriaId": "0A8A5CDA-E099-47BA-A0C0-2F79C0432156", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p11:*:*:*:*:*:*", "matchCriteriaId": "9AF6EBB1-EADE-41E2-A47B-0EC20F0C9899", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p12:*:*:*:*:*:*", "matchCriteriaId": "63721E89-F453-423F-B34B-07B44C85A052", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p13:*:*:*:*:*:*", "matchCriteriaId": "34134EDA-127A-48E2-B630-94DEF14666A9", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*", "matchCriteriaId": "699FE432-8DF0-49F1-A98B-0E19CE01E5CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*", "matchCriteriaId": "20B06752-39EE-4600-AC1F-69FB9C88E2A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*", "matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*", "matchCriteriaId": "E86CD544-86C4-4D9D-9CE5-087027509EDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*", "matchCriteriaId": "64E47AE7-BB45-428E-90E9-38BFDFF23650", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*", "matchCriteriaId": "586B9FA3-65A2-41EB-A848-E4A75565F0CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*", "matchCriteriaId": "1164B48E-2F28-43C5-9B7B-546EAE12E27D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*", "matchCriteriaId": "F0B15B89-3AD2-4E03-9F47-DA934702187B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.3:*:*:*:*:*:*:*", "matchCriteriaId": "528F64CB-7A82-45C0-87CD-74EB975CC0BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*", "matchCriteriaId": "F35957CE-AF9F-40CA-BDD1-FA6A0E73783F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*", "matchCriteriaId": "EA929713-B797-494A-853D-C121D9D69519", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*", "matchCriteriaId": "3C3D8EDC-91D3-45B2-AC1D-EF4346D4A714", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*", "matchCriteriaId": "EA5006FF-06A5-4D95-BF5B-29F26248D11F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*", "matchCriteriaId": "826B53C2-517F-4FC6-92E8-E7FCB24F91B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*", "matchCriteriaId": "93F10A46-AEF2-4FDD-92D6-0CF07B70F986", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*", "matchCriteriaId": "C4029113-130F-4A33-A8A0-BC3E74000378", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p4:*:*:*:*:*:*", "matchCriteriaId": "46C5A6FD-7BBF-4E84-9895-8EE14DC846E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p5:*:*:*:*:*:*", "matchCriteriaId": "6D71D083-3279-4DF4-91E1-38C373DD062F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p8:*:*:*:*:*:*", "matchCriteriaId": "3070787D-76E1-4671-B99D-213F7103B3A2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer."}, {"lang": "es", "value": "En FreeBSD versi\u00f3n 12.0-STABLE anterior a r351264, versi\u00f3n 12.0-RELEASE anterior a 12.0-RELEASE-p10, versi\u00f3n 11.3-STABLE anterior a r351265, versi\u00f3n 11.3-RELEASE anterior a 11.3-RELEASE-p3, y versi\u00f3n 11.2-RELEASE anterior a 11.2-RELEASE-p14, el controlador del kernel para /dev/midistat implementa un manejador de lectura que no es un hilo (subproceso) seguro. Un programa multihilo puede explotar las carreras en el manejador para copiar fuera de la memoria del kernel, fuera de l\u00edmites del b\u00fafer de datos de midistat."}], "id": "CVE-2019-5612", "lastModified": "2023-01-31T21:55:09.807", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-30T09:15:21.020", "references": [{"source": "secteam@freebsd.org", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20190910-0002/"}], "sourceIdentifier": "secteam@freebsd.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}