opnsense-src/sys/contrib
Mariusz Zaborski 7b7e6d7376 libnv: fix heap overflow in nvlist_recv()
nvlist_check_header() validated nvlh_size for overflow before
performing conversion. A malicious user can set
NV_FLAG_BIG_ENDIAN in the header and craft nvlh_size so that
the original value passes the check, but after the conversion the
sizeof(nvlist_header) + size can overflow.
This can lead to a heap buffer overflow.

Approved by:	so
Security:	FreeBSD-SA-26:17.libnv
Security:	CVE-2026-35547
Fixes:		36fa90dbde0060aacb5677d0b113ee168e839071
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D56342
2026-04-29 22:15:06 +02:00
..
alpine-hal
ck ck_queue: add CK_*_FOREACH_FROM 2023-02-25 10:34:06 -05:00
dev qat: enable qat driver for 402xx device 2026-01-20 09:05:29 +01:00
device-tree Import device-tree files from Linux 6.4 2023-08-09 15:32:31 +02:00
dpdk_rte_lpm spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD 2023-05-12 10:44:03 -06:00
edk2
ena-com ena: Upgrade ena-com to freebsd v2.8.0 2024-10-31 14:54:10 +00:00
libb2
libfdt
libnv libnv: fix heap overflow in nvlist_recv() 2026-04-29 22:15:06 +02:00
libsodium
ncsw powerpc: Use valid prototypes for function declarations with no arguments. 2023-04-24 08:53:50 -07:00
openzfs Fix corruption in ZFS replication streams from encrypted datasets. 2025-07-10 09:40:58 +02:00
pcg-c/include
rdma/krping krping: Stop checking for failures from malloc(M_WAITOK) 2024-09-30 12:44:17 +08:00
v4l
vchiq/interface vchiq(4): Stop checking for failures from malloc(M_WAITOK) 2024-09-30 12:44:27 +08:00
x86emu x86emu: remove locally added __FBSDID 2023-12-13 23:08:51 +00:00
xen xen: fetch dom0 video console information from Xen 2023-03-09 17:13:17 +01:00
xz-embedded
zlib zlib: use more memory for a small deflate speedup. 2024-03-20 20:49:04 -07:00
zstd