A signed integer overflow vulnerability exists in NetBSD's cryptographic framework prior to commit ec8451e. The `cryptodev_op()` function in `sys/opencrypto/cryptodev.c` declares the local variable `iov_len` as a signed `int`, but assigns it from an unsigned `cop->dst_len` value. When `cop->dst_len` exceeds `INT_MAX`, this causes undefined behavior that can manifest as a kernel panic through NULL pointer [truncated]
A race condition in NetBSD's opencrypto subsystem (`cryptodev_op()`) allows local attackers to trigger double-free memory corruption on SMP systems by concurrently issuing `CIOCCRYPT` operations on the same session identifier. The vulnerability stems from mutable per-operation state embedded in the `csession` struct, enabling kernel heap corruption. This affects NetBSD versions prior to commit ec8451e. The CVSS [truncated]
CVE-2016-6253 is a NetBSD local privilege-escalation issue in mail.local. According to the CVE description, a local user can abuse a symlink attack on the user mailbox to change ownership of, or append data to, arbitrary files on the target system. NVD lists the issue as HIGH severity with CVSS 3.0 7.8, and the weakness is mapped to CWE-59 (link following / symlink-related file handling).
CVE-2015-8212 is a critical NetBSD vulnerability in bozohttpd CGI handling that can allow a remote attacker to execute arbitrary code by supplying crafted arguments to a non-CGI-aware program. NVD marks the issue as CVSS 9.8 with full confidentiality, integrity, and availability impact. The affected NetBSD releases listed by NVD are 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0.