Lucene search
HistoryFeb 15, 2024 - 5:15 a.m.
CVE-2022-23085
cve-2022-23085
integer overflow
nmreq_copyin()
kernel memory corruption
netmap
devfs_ruleset
privileged process
jail
security vulnerability
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption.
On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
CNA Affected
[
{
"defaultStatus": "unknown",
"modules": [
"netmap"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p1",
"status": "affected",
"version": "13.1-RC1",
"versionType": "release"
},
{
"lessThan": "p11",
"status": "affected",
"version": "13.0-RELEASE",
"versionType": "release"
},
{
"lessThan": "p5",
"status": "affected",
"version": "12.3-RELEASE",
"versionType": "release"
}
]
}
]Related
zdi
zdi
FreeBSD Kernel Netmap Integer Overflow Privilege Escalation Vulnerability
2022-09-20 00:00:00
cvelist
cvelist
CVE-2022-23085 Potential jail escape vulnerabilities in netmap
2024-02-15 04:52:17
prion
prion
Design/Logic Flaw
2024-02-15 05:15:00
nvd
nvd
CVE-2022-23085
2024-02-15 05:15:09
freebsd_advisory
freebsd_advisory
FreeBSD-SA-22:04.netmap
2022-04-06 00:00:00
nessus
nessus
freebsd
freebsd
FreeBSD -- Potential jail escape vulnerabilities in netmap
2022-04-06 00:00:00