CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-7452

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile25.73th
Published2020年4月29日
Last Modified2024年11月21日

Vulnerability Description

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and potentially execute arbitrary code in the kernel.

Affected Platforms (CPE)

💻
Freebsd

Freebsd

= 11.3
💻
Freebsd

Freebsd

= 11.3
💻
Freebsd

Freebsd

= 11.3
💻
Freebsd

Freebsd

= 11.3
💻
Freebsd

Freebsd

= 11.3
💻
Freebsd

Freebsd

= 11.3
💻
Freebsd

Freebsd

= 11.3
💻
Freebsd

Freebsd

= 12.1
💻
Freebsd

Freebsd

= 12.1
💻
Freebsd

Freebsd

= 12.1

References & Advisories

🔗 https://security.FreeBSD.org/advisories/FreeBSD-SA-20:07.epair.asc
🔗 https://security.FreeBSD.org/advisories/FreeBSD-SA-20:07.epair.asc

相關漏洞威脅

CVE-1999-079810.0

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVE-2001-096910.0

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw t...

CVE-1999-032310.0

FreeBSD mmap function allows users to modify append-only or immutable files.

CVE-2004-105310.0

Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP he...