httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
Max CVSS
7.8
EPSS Score
1.90%
Published
2017-03-27
Updated
2019-10-03
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node.
Max CVSS
4.9
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value.
Max CVSS
7.8
EPSS Score
0.14%
Published
2017-03-07
Updated
2017-03-08
thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value.
Max CVSS
5.5
EPSS Score
0.08%
Published
2017-03-07
Updated
2017-09-01
10 vulnerabilities found