What is the severity of CVE-2019-15876?

CVE-2019-15876 has a medium severity rating due to insufficient privilege checks in specific ioctl command handlers within the oce network driver.

How do I fix CVE-2019-15876?

To mitigate CVE-2019-15876, upgrade your FreeBSD installation to version 12.1-RELEASE-p3 or later, or a patched version of 11.3.

What versions of FreeBSD are affected by CVE-2019-15876?

CVE-2019-15876 affects FreeBSD versions 12.1-STABLE prior to r356089, 12.1-RELEASE before 12.1-RELEASE-p3, and 11.3-STABLE prior to r356090.

Who is vulnerable to CVE-2019-15876?

Unprivileged users on affected FreeBSD systems could exploit CVE-2019-15876 to gain unauthorized access through the oce network driver.

What happens if I don't fix CVE-2019-15876?

Failure to address CVE-2019-15876 may allow unprivileged users to execute potentially harmful operations on the affected FreeBSD systems.

Vulnerability/
CVE-2019-15876

medium

5.5

CWE

862

28/4/2020

5/8/2024

CVE-2019-15876

First published: Tue Apr 28 2020(Updated: )

In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r356090, and 11.3-RELEASE before 11.3-RELEASE-p7, driver specific ioctl command handlers in the oce network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to send passthrough commands to the device firmware.

Credit: secteam@freebsd.org

Affected Software	Affected Version	How to fix
FreeBSD Kernel	=11.3
FreeBSD Kernel	=11.3-p1
FreeBSD Kernel	=11.3-p2
FreeBSD Kernel	=11.3-p3
FreeBSD Kernel	=11.3-p4
FreeBSD Kernel	=11.3-p5
FreeBSD Kernel	=11.3-p6
FreeBSD Kernel	=12.1
FreeBSD Kernel	=12.1-p1
FreeBSD Kernel	=12.1-p2

Remedy

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:05.if_oce_ioctl.asc

Never miss a vulnerability like this again

Reference Links

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:05.if_oce_ioctl.asc

Frequently Asked Questions

What is the severity of CVE-2019-15876?
CVE-2019-15876 has a medium severity rating due to insufficient privilege checks in specific ioctl command handlers within the oce network driver.
How do I fix CVE-2019-15876?
To mitigate CVE-2019-15876, upgrade your FreeBSD installation to version 12.1-RELEASE-p3 or later, or a patched version of 11.3.
What versions of FreeBSD are affected by CVE-2019-15876?
CVE-2019-15876 affects FreeBSD versions 12.1-STABLE prior to r356089, 12.1-RELEASE before 12.1-RELEASE-p3, and 11.3-STABLE prior to r356090.
Who is vulnerable to CVE-2019-15876?
Unprivileged users on affected FreeBSD systems could exploit CVE-2019-15876 to gain unauthorized access through the oce network driver.
What happens if I don't fix CVE-2019-15876?
Failure to address CVE-2019-15876 may allow unprivileged users to execute potentially harmful operations on the affected FreeBSD systems.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/author
agent/weakness
agent/last-modified-date
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/freebsd
canonical/freebsd kernel
version/freebsd kernel/11.3
version/freebsd kernel/11.3-p1
version/freebsd kernel/11.3-p2
version/freebsd kernel/11.3-p3
version/freebsd kernel/11.3-p4
version/freebsd kernel/11.3-p5
version/freebsd kernel/11.3-p6
version/freebsd kernel/12.1
version/freebsd kernel/12.1-p1
version/freebsd kernel/12.1-p2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.