Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-25577

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While the kernel currently ignores such malformed packets, it passes them to userspace programs. Any programs expecting the kernel to do validation may be vulnerable to an overflow.

Published

2021-03-29T20:15:12.860

Last Modified

2024-11-21T05:18:09.407

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-120
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System freebsd freebsd 11.4 Yes
Operating System freebsd freebsd 11.4 Yes
Operating System freebsd freebsd 11.4 Yes
Operating System freebsd freebsd 11.4 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.2 Yes
References