CVE-2020-7451

Name of the Vulnerable Software and Affected Versions FreeBSD versions 12.1-STABLE before r358739 FreeBSD versions 12.1-RELEASE before 12.1-RELEASE-p3 FreeBSD versions 11.3-STABLE before r358740 FreeBSD versions 11.3-RELEASE before 11.3-RELEASE-p7

Description A TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field, disclosing one byte of kernel memory over the network.

Recommendations For FreeBSD versions 12.1-STABLE before r358739, update to a version after r358739. For FreeBSD versions 12.1-RELEASE before 12.1-RELEASE-p3, update to 12.1-RELEASE-p3 or later. For FreeBSD versions 11.3-STABLE before r358740, update to a version after r358740. For FreeBSD versions 11.3-RELEASE before 11.3-RELEASE-p7, update to 11.3-RELEASE-p7 or later.