Openbsd : Security Vulnerabilities, CVEs, Published In 2017 (Overflow)
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-01-05
Updated
2022-12-13
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-03-09
Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-03-07
Updated
2017-09-01
3 vulnerabilities found