Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-329c-g8g4-89hm

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jail_set configuration option "osrelease" may return more bytes with a subsequent jail_get system call allowing a malicious jail superuser with permission to create nested jails to read kernel memory.

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jail_set configuration option "osrelease" may return more bytes with a subsequent jail_get system call allowing a malicious jail superuser with permission to create nested jails to read kernel memory.

Ссылки

EPSS

Процентиль: 20%
0.00064
Низкий

CVE ID

CVE-2020-7453

Связанные уязвимости

nvd логотип

CVE-2020-7453

CVSS3: 6
nvd
почти 6 лет назад

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jail_set configuration option "osrelease" may return more bytes with a subsequent jail_get system call allowing a malicious jail superuser with permission to create nested jails to read kernel memory.

debian логотип

CVE-2020-7453

CVSS3: 6
debian
почти 6 лет назад

In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEAS ...

EPSS

Процентиль: 20%
0.00064
Низкий

CVE ID

CVE-2020-7453