Описание
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.inet.icmp.quotelen sysctl.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitMitigationVendor Advisory
- Third Party AdvisoryVDB Entry
- ExploitMitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.2 (исключая)
Одно из
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00382
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 5.9
debian
около 7 лет назад
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to inc ...
CVSS3: 5.9
github
больше 3 лет назад
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.inet.icmp.quotelen sysctl.
EPSS
Процентиль: 59%
0.00382
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-787