Lucene search
FreebsdCVELIST:CVE-2022-23084HistoryFeb 15, 2024 - 4:52 a.m.
CVE-2022-23084 Potential jail escape vulnerabilities in netmap
2024-02-1504:52:09
freebsd
www.cve.org
3
cve-2022-23084
netmap
jail escape
vulnerabilities
time-of-check
time-of-use
kernel memory corruption
devfs_ruleset
privileged process
host environment
The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption.
On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
CNA Affected
[
{
"defaultStatus": "unknown",
"modules": [
"netmap"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p1",
"status": "affected",
"version": "13.1-RC1",
"versionType": "release"
},
{
"lessThan": "p11",
"status": "affected",
"version": "13.0-RELEASE",
"versionType": "release"
},
{
"lessThan": "p5",
"status": "affected",
"version": "12.3-RELEASE",
"versionType": "release"
}
]
}
]Related
zdi
zdi
vulnrichment
vulnrichment
CVE-2022-23084 Potential jail escape vulnerabilities in netmap
2024-02-15 04:52:09
prion
prion
Memory corruption
2024-02-15 05:15:00
nvd
nvd
CVE-2022-23084
2024-02-15 05:15:08
cve
cve
CVE-2022-23084
2024-02-15 05:15:08
nessus
nessus
freebsd
freebsd
FreeBSD -- Potential jail escape vulnerabilities in netmap
2022-04-06 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-22:04.netmap
2022-04-06 00:00:00