Lucene search
FreebsdCVELIST:CVE-2020-7460HistoryAug 06, 2020 - 4:49 p.m.
CVE-2020-7460
2020-08-0616:49:16
freebsd
www.cve.org
0.0004 Low
EPSS
Percentile
15.9%
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation.
CNA Affected
[
{
"product": "FreeBSD",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FreeBSD 12.1-RELEASE before p8, 11.4-RELEASE before p2, 11.3-RELEASE before p12"
}
]
}
]Related
zdi
zdi
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:23.sendmsg
2020-08-05 00:00:00
nvd
nvd
CVE-2020-7460
2020-08-06 17:15:11
nessus
nessus
prion
prion
Input validation
2020-08-06 17:15:00
freebsd
freebsd
FreeBSD -- sendmsg(2) privilege escalation
2020-08-05 00:00:00
cve
cve
CVE-2020-7460
2020-08-06 17:15:11
attackerkb
attackerkb
CVE-2020-7460
2020-08-06 00:00:00