CyberSec.Space Logo
Back to CVE Browser

CVE-2020-7452

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile25.73th
PublishedApr 29, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and potentially execute arbitrary code in the kernel.

Affected Platforms (CPE)

πŸ’»
Freebsd

Freebsd

= 11.3
πŸ’»
Freebsd

Freebsd

= 11.3
πŸ’»
Freebsd

Freebsd

= 11.3
πŸ’»
Freebsd

Freebsd

= 11.3
πŸ’»
Freebsd

Freebsd

= 11.3
πŸ’»
Freebsd

Freebsd

= 11.3
πŸ’»
Freebsd

Freebsd

= 11.3
πŸ’»
Freebsd

Freebsd

= 12.1
πŸ’»
Freebsd

Freebsd

= 12.1
πŸ’»
Freebsd

Freebsd

= 12.1

References & Advisories

πŸ”— https://security.FreeBSD.org/advisories/FreeBSD-SA-20:07.epair.asc
πŸ”— https://security.FreeBSD.org/advisories/FreeBSD-SA-20:07.epair.asc

Related Vulnerabilities

CVE-1999-079810.0

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVE-2001-096910.0

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw t...

CVE-1999-032310.0

FreeBSD mmap function allows users to modify append-only or immutable files.

CVE-2004-105310.0

Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP he...