Choose security issues to be avoided

[master-q]

• FreeBSD-SA-20:03.thrmisc
• https://github.com/freebsd/freebsd/commit/685a165c4c0b975cb2819b7042e1ddbc6eb79c5d

It's caused by uninitialized value. ATS may easily avoid this issue with at-view. But it may be difficult at VeriFast.

Fork https://github.com/metasepi/postmortem/issues/14.

[master-q]

• FreeBSD-SA-20:05.if_oce_ioctl
• https://github.com/freebsd/freebsd/commit/94ef8815eec7bb02a0a47a835479b4a141604936

It's caused by unprivileged access. Such privilege may be easily avoided by ATS and VeriFast.

Fork https://github.com/metasepi/postmortem/issues/15.

[master-q]

• FreeBSD-SA-20:06.if_ixl_ioctl
• https://github.com/freebsd/freebsd/commit/cf3b0bdee1d2f7ec186d9eda3e19bd879887a0c0

It's also caused by unprivileged access. Such privilege may be easily avoided by ATS and VeriFast.

Fork https://github.com/metasepi/postmortem/issues/16.

[master-q]

• FreeBSD-SA-20:14.sctp
• https://github.com/freebsd/freebsd/commit/9ba53a7f96928ff33afcd0c934276d03e5125308

It causes use-after-free on sctp_sharedkey_t value in struct sctp_keyhead list. ATS and VeriFast may avoid this.

Fork https://github.com/metasepi/postmortem/issues/17.

[master-q]

• FreeBSD-SA-19:22.mbuf
• https://github.com/freebsd/freebsd/commit/6e852342e4efda458ed0e89c5a70298bc75b1ae7

It's caused by no checking for length of mbuf. It may be hard to be avoided.

Fork https://github.com/metasepi/postmortem/issues/18.

[master-q]

• FreeBSD-SA-20:13.libalias
• https://github.com/freebsd/freebsd/commit/566891527b600a20653bfb359e754a895beedb21

It's caused by miss checking size of packets. It may be hard to be avoided.

Fork https://github.com/metasepi/postmortem/issues/19.

[master-q]

• FreeBSD-SA-20:02.ipsec
• https://github.com/freebsd/freebsd/commit/c4d20bf3c55ca01953453753119f65d7fb12a0b1

It's caused by IPsec specification. It may be hard to be avoided.

Fork https://github.com/metasepi/postmortem/issues/20.

[master-q]

All issue are forked. This issue can be closed.