Описание
In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.3:p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00053
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 7.8
debian
больше 5 лет назад
In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and ...
github
больше 3 лет назад
In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key.
EPSS
Процентиль: 17%
0.00053
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-416