Lucene search

FreeBSD74BBDE13-EC17-11EA-88F8-901B0EF719AB

HistorySep 02, 2020 - 12:00 a.m.

FreeBSD -- IPv6 Hop-by-Hop options use-after-free bug

2020-09-0200:00:00

vuxml.freebsd.org

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.6%

JSON

Problem Description:
Due to improper mbuf handling in the kernel, a use-after-free bug might be
triggered by sending IPv6 Hop-by-Hop options over the loopback interface.
Impact:
Triggering the use-after-free situation may result in unintended kernel
behaviour including a kernel panic.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfreebsd-kernel= 11.3UNKNOWN
FreeBSDanynoarchfreebsd-kernel< 11.3_13UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	freebsd-kernel	= 11.3	UNKNOWN
FreeBSD	any	noarch	freebsd-kernel	< 11.3_13	UNKNOWN

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for 74BBDE13-EC17-11EA-88F8-901B0EF719AB