By the Year
In 2022 there have been 0 vulnerabilities in Omniosce Omnios . Omnios did not have any published security vulnerabilities last year.
It may take a day or so for new Omnios vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Omniosce Omnios Security Vulnerabilities
An issue was discovered in illumos before 2020-10-22
9.8 - Critical
- October 26, 2020
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
Classic Buffer Overflow
bhyve, as used in FreeBSD through 12.1 and illumos (e.g
8.2 - High
- September 25, 2020
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.
illumos, as used in OmniOS Community Edition before r151030y
7.5 - High
- November 29, 2019
illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ip_attr.c mishandles conn_ixa dereferences.
Improper Input Validation