← back
CVE-2019-15877

CVE-2019-15877

EPSS 0.2%
In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory.
Affected products
n/a · FreeBSD

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:06.if_ixl_ioctl.asc