5.5

CVE-2020-7463

In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.

Data is provided by the National Vulnerability Database (NVD)
FreebsdFreebsd Version11.3 Update-
FreebsdFreebsd Version11.3 Updatep1
FreebsdFreebsd Version11.3 Updatep10
FreebsdFreebsd Version11.3 Updatep11
FreebsdFreebsd Version11.3 Updatep12
FreebsdFreebsd Version11.3 Updatep2
FreebsdFreebsd Version11.3 Updatep3
FreebsdFreebsd Version11.3 Updatep4
FreebsdFreebsd Version11.3 Updatep5
FreebsdFreebsd Version11.3 Updatep6
FreebsdFreebsd Version11.3 Updatep7
FreebsdFreebsd Version11.3 Updatep8
FreebsdFreebsd Version11.3 Updatep9
FreebsdFreebsd Version11.4 Update-
FreebsdFreebsd Version11.4 Updatep1
FreebsdFreebsd Version11.4 Updatep2
FreebsdFreebsd Version12.1 Update-
FreebsdFreebsd Version12.1 Updatep1
FreebsdFreebsd Version12.1 Updatep2
FreebsdFreebsd Version12.1 Updatep3
FreebsdFreebsd Version12.1 Updatep4
FreebsdFreebsd Version12.1 Updatep5
FreebsdFreebsd Version12.1 Updatep6
FreebsdFreebsd Version12.1 Updatep7
FreebsdFreebsd Version12.1 Updatep8
FreebsdFreebsd Version12.2 Update-
AppleiCloud SwPlatformwindows Version < 12.3
AppleiTunes SwPlatformwindows Version < 12.11.3
AppleSafari Version < 14.1
AppleiPadOS Version < 14.5
AppleiPhone OS Version < 14.5
ApplemacOS Version >= 11.0 < 11.3
AppletvOS Version < 14.5
ApplewatchOS Version < 7.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.05% 0.153
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://seclists.org/fulldisclosure/2021/Apr/50
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2021/Apr/49
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2021/Apr/57
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2021/Apr/58
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2021/Apr/59
Third Party Advisory
Mailing List