{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T23:17:09.607","vulnerabilities":[{"cve":{"id":"CVE-2019-5612","sourceIdentifier":"secteam@freebsd.org","published":"2019-08-30T09:15:21.020","lastModified":"2024-11-21T04:45:14.183","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer."},{"lang":"es","value":"En FreeBSD versión 12.0-STABLE anterior a r351264, versión 12.0-RELEASE anterior a 12.0-RELEASE-p10, versión 11.3-STABLE anterior a r351265, versión 11.3-RELEASE anterior a 11.3-RELEASE-p3, y versión 11.2-RELEASE anterior a 11.2-RELEASE-p14, el controlador del kernel para /dev/midistat implementa un manejador de lectura que no es un hilo (subproceso) seguro. Un programa multihilo puede explotar las carreras en el manejador para copiar fuera de la memoria del kernel, fuera de límites del búfer de datos de midistat."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*","matchCriteriaId":"3ACD1D8D-B3BC-4E99-B846-90A4071DB87B"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p10:*:*:*:*:*:*","matchCriteriaId":"0A8A5CDA-E099-47BA-A0C0-2F79C0432156"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p11:*:*:*:*:*:*","matchCriteriaId":"9AF6EBB1-EADE-41E2-A47B-0EC20F0C9899"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p12:*:*:*:*:*:*","matchCriteriaId":"63721E89-F453-423F-B34B-07B44C85A052"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p13:*:*:*:*:*:*","matchCriteriaId":"34134EDA-127A-48E2-B630-94DEF14666A9"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*","matchCriteriaId":"699FE432-8DF0-49F1-A98B-0E19CE01E5CE"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*","matchCriteriaId":"20B06752-39EE-4600-AC1F-69FB9C88E2A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*","matchCriteriaId":"22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*","matchCriteriaId":"E86CD544-86C4-4D9D-9CE5-087027509EDA"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*","matchCriteriaId":"64E47AE7-BB45-428E-90E9-38BFDFF23650"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*","matchCriteriaId":"586B9FA3-65A2-41EB-A848-E4A75565F0CA"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*","matchCriteriaId":"1164B48E-2F28-43C5-9B7B-546EAE12E27D"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*","matchCriteriaId":"F0B15B89-3AD2-4E03-9F47-DA934702187B"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:*:*:*:*:*:*:*","matchCriteriaId":"528F64CB-7A82-45C0-87CD-74EB975CC0BC"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*","matchCriteriaId":"F35957CE-AF9F-40CA-BDD1-FA6A0E73783F"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*","matchCriteriaId":"EA929713-B797-494A-853D-C121D9D69519"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*","matchCriteriaId":"3C3D8EDC-91D3-45B2-AC1D-EF4346D4A714"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*","matchCriteriaId":"EA5006FF-06A5-4D95-BF5B-29F26248D11F"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*","matchCriteriaId":"826B53C2-517F-4FC6-92E8-E7FCB24F91B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*","matchCriteriaId":"93F10A46-AEF2-4FDD-92D6-0CF07B70F986"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*","matchCriteriaId":"C4029113-130F-4A33-A8A0-BC3E74000378"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p4:*:*:*:*:*:*","matchCriteriaId":"46C5A6FD-7BBF-4E84-9895-8EE14DC846E4"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p5:*:*:*:*:*:*","matchCriteriaId":"6D71D083-3279-4DF4-91E1-38C373DD062F"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p8:*:*:*:*:*:*","matchCriteriaId":"3070787D-76E1-4671-B99D-213F7103B3A2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","matchCriteriaId":"1FE996B1-6951-4F85-AA58-B99A379D2163"}]}]}],"references":[{"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc","source":"secteam@freebsd.org","tags":["Mitigation","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20190910-0002/","source":"secteam@freebsd.org","tags":["Third Party Advisory"]},{"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20190910-0002/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}