PT-2021-11154 · Freebsd · Freebsd
Published
2020-12-01
·
Updated
2021-06-03
·
CVE-2020-25577
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
FreeBSD versions 12.2-STABLE before r368250
FreeBSD versions 11.4-STABLE before r368253
FreeBSD versions 12.2-RELEASE before p1
FreeBSD versions 12.1-RELEASE before p11
FreeBSD versions 11.4-RELEASE before p5
Description:
The issue arises from the
rtsold(8) program not verifying if the RDNSS option extends past the end of the received packet before processing its contents. Although the kernel ignores such malformed packets, it passes them to userspace programs, which may be vulnerable to an overflow if they expect the kernel to perform validation.Recommendations:
For FreeBSD versions 12.2-STABLE before r368250, update to a version after r368250.
For FreeBSD versions 11.4-STABLE before r368253, update to a version after r368253.
For FreeBSD versions 12.2-RELEASE before p1, update to a version after p1.
For FreeBSD versions 12.1-RELEASE before p11, update to a version after p11.
For FreeBSD versions 11.4-RELEASE before p5, update to a version after p5.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Freebsd