Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-7463

In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.

Published

2021-03-26T21:15:13.193

Last Modified

2024-11-21T05:37:11.690

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE
Exploitability Score

3.9

Impact Score

6.9

Weaknesses
  • Type: Primary
    CWE-416
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.3 Yes
Operating System freebsd freebsd 11.4 Yes
Operating System freebsd freebsd 11.4 Yes
Operating System freebsd freebsd 11.4 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.1 Yes
Operating System freebsd freebsd 12.2 Yes
Application apple icloud < 12.3 Yes
Application apple itunes < 12.11.3 Yes
Application apple safari < 14.1 Yes
Operating System apple ipados < 14.5 Yes
Operating System apple iphone_os < 14.5 Yes
Operating System apple macos < 11.3 Yes
Operating System apple tvos < 14.5 Yes
Operating System apple watchos < 7.4 Yes
References