PT-2022-6122 · Freebsd · Freebsd
Lucas Leong
+2
·
Published
2022-02-18
·
Updated
2024-12-09
·
CVE-2022-23084
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
FreeBSD (affected versions not specified)
Description
The issue is related to a time-of-check to time-of-use bug in the
nmreq copyin() function of the netmap component in FreeBSD. This bug could lead to kernel memory corruption. On systems configured to include netmap in their devfs ruleset, a privileged process running in a jail can affect the host environment. The vulnerability may allow an attacker to execute arbitrary code in the context of the kernel.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Freebsd