FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Insufficient cryptodev MAC key length check

Affected packages
12.1 <= FreeBSD-kernel < 12.1_5

Details

VuXML ID 0bfcae0b-947f-11ea-92ab-00163e433440
Discovery 2020-01-20
Entry 2020-05-12

Problem Description:

Requests to create cryptography sessions using a MAC did not validate the user-supplied MAC key length. The cryptodev module allocates a buffer whose size is this user-supplied length.

Impact:

An unprivileged process can trigger a kernel panic.

References

CVE Name CVE-2019-15879
FreeBSD Advisory SA-20:15.cryptodev