5.3

CVE-2020-25579

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreebsdFreebsd Version11.4 Update-
FreebsdFreebsd Version11.4 Updatep1
FreebsdFreebsd Version11.4 Updatep2
FreebsdFreebsd Version11.4 Updatep3
FreebsdFreebsd Version11.4 Updatep4
FreebsdFreebsd Version11.4 Updatep5
FreebsdFreebsd Version11.4 Updatep6
FreebsdFreebsd Version12.1 Update-
FreebsdFreebsd Version12.1 Updatep1
FreebsdFreebsd Version12.1 Updatep10
FreebsdFreebsd Version12.1 Updatep11
FreebsdFreebsd Version12.1 Updatep12
FreebsdFreebsd Version12.1 Updatep2
FreebsdFreebsd Version12.1 Updatep3
FreebsdFreebsd Version12.1 Updatep4
FreebsdFreebsd Version12.1 Updatep5
FreebsdFreebsd Version12.1 Updatep6
FreebsdFreebsd Version12.1 Updatep7
FreebsdFreebsd Version12.1 Updatep8
FreebsdFreebsd Version12.1 Updatep9
FreebsdFreebsd Version12.2 Update-
FreebsdFreebsd Version12.2 Updatep1
FreebsdFreebsd Version12.2 Updatep2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.42% 0.614
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-909 Missing Initialization of Resource

The product does not initialize a critical resource.