CVE-2020-7461

Name of the Vulnerable Software and Affected Versions FreeBSD versions 12.1-STABLE before r365010 FreeBSD versions 11.4-STABLE before r365011 FreeBSD versions 12.1-RELEASE before p9 FreeBSD versions 11.4-RELEASE before p3 FreeBSD versions 11.3-RELEASE before p13

Description The issue is related to the handling of DHCP option 119, which can result in a heap overflow when the dhclient(8) process fails to handle certain malformed input. This heap overflow could potentially be exploited to achieve remote code execution. However, the affected process runs with reduced privileges in a Capsicum sandbox, limiting the immediate impact of an exploit.

Recommendations For FreeBSD versions 12.1-STABLE before r365010, update to a version after r365010 to resolve the issue. For FreeBSD versions 11.4-STABLE before r365011, update to a version after r365011 to resolve the issue. For FreeBSD versions 12.1-RELEASE before p9, update to a version after p9 to resolve the issue. For FreeBSD versions 11.4-RELEASE before p3, update to a version after p3 to resolve the issue. For FreeBSD versions 11.3-RELEASE before p13, update to a version after p13 to resolve the issue.