← Back

CVE-2020-25577

nvd nist
Published: Mar 29, 2021Modified: Jun 17, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While the kernel currently ignores such malformed packets, it passes them to userspace programs. Any programs expecting the kernel to do validation may be vulnerable to an overflow.

Affected (15)

Products: Freebsd: Freebsd
Freebsd
1 product
Freebsd
Configuration A
15 vulnerable
Vulnerable SoftwareAffected Versions
Freebsd
Freebsd
Version 11.4
Freebsd
Version 11.4 p1
Freebsd
Version 11.4 p2
Freebsd
Version 11.4 p3
Freebsd
Version 12.1
Freebsd
Version 12.1 p1
Freebsd
Version 12.1 p2
Freebsd
Version 12.1 p3
Freebsd
Version 12.1 p4
Freebsd
Version 12.1 p5
Freebsd
Version 12.1 p6
Freebsd
Version 12.1 p7
Freebsd
Version 12.1 p8
Freebsd
Version 12.1 p9
Freebsd
Version 12.2

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (4)

Source: secteam@freebsd.org
Vendor Advisory
Source: secteam@freebsd.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.