Vulnerabilities > CVE-2020-24385 - NULL Pointer Dereference vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

midnightbsd

freebsd

CWE-476

NVD

Published: 2020-09-03

Updated: 2020-09-11

Summary

In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. During binary interaction, td->td_emuldata in sys/compat/linux/linux_emul.h is not getting initialized and returns NULL from em_find().

Vulnerable Configurations

Part	Description	Count
Application	Midnightbsd Midnightbsd Midnightbsd 1.3 Midnightbsd Midnightbsd 2020-08-19 Midnightbsd Midnightbsd - Midnightbsd Midnightbsd 0.1 Midnightbsd Midnightbsd 0.1.0 Midnightbsd Midnightbsd 0.1.1 Midnightbsd Midnightbsd 0.2.0 Midnightbsd Midnightbsd 0.2.1 Midnightbsd Midnightbsd 0.3.0 Midnightbsd Midnightbsd 0.4.0 Midnightbsd Midnightbsd 0.5.0 Midnightbsd Midnightbsd 0.5.1 Midnightbsd Midnightbsd 0.5.2 Midnightbsd Midnightbsd 0.5.3 Midnightbsd Midnightbsd 0.5.4 Midnightbsd Midnightbsd 0.5.7 Midnightbsd Midnightbsd 0.5.9 Midnightbsd Midnightbsd 0.5.10 Midnightbsd Midnightbsd 0.5.11 Midnightbsd Midnightbsd 0.6.0 Midnightbsd Midnightbsd 0.6.1 Midnightbsd Midnightbsd 0.6.4 Midnightbsd Midnightbsd 0.6.5 Midnightbsd Midnightbsd 0.6.6 Midnightbsd Midnightbsd 0.6.7 Midnightbsd Midnightbsd 0.7.0 Midnightbsd Midnightbsd 0.7.1 Midnightbsd Midnightbsd 0.7.2 Midnightbsd Midnightbsd 0.7.3 Midnightbsd Midnightbsd 0.7.4 Midnightbsd Midnightbsd 0.7.5 Midnightbsd Midnightbsd 0.7.6 Midnightbsd Midnightbsd 0.7.7 Midnightbsd Midnightbsd 0.7.8 Midnightbsd Midnightbsd 0.7.9 Midnightbsd Midnightbsd 0.8.0 Midnightbsd Midnightbsd 0.8.1 Midnightbsd Midnightbsd 0.8.2 Midnightbsd Midnightbsd 0.8.6 Midnightbsd Midnightbsd 0.8.7 Midnightbsd Midnightbsd 1.0.0 Midnightbsd Midnightbsd 1.1.0 Midnightbsd Midnightbsd 1.1.1 Midnightbsd Midnightbsd 1.1.2 Midnightbsd Midnightbsd 1.1.3 Midnightbsd Midnightbsd 1.2.0 Midnightbsd Midnightbsd 1.2.1 Midnightbsd Midnightbsd 1.2.2 Midnightbsd Midnightbsd 1.2.3 Midnightbsd Midnightbsd 1.2.4 Midnightbsd Midnightbsd 1.2.5	51
OS	Freebsd Freebsd Freebsd - Freebsd Freebsd 0.4_1 Freebsd Freebsd 1.0 Freebsd Freebsd 1.1 Freebsd Freebsd 1.1.5 Freebsd Freebsd 1.1.5.1 Freebsd Freebsd 1.2 Freebsd Freebsd 1.5 Freebsd Freebsd 2.0 Freebsd Freebsd 2.0.1 Freebsd Freebsd 2.0.5 Freebsd Freebsd 2.1 Freebsd Freebsd 2.1.0 Freebsd Freebsd 2.1.5 Freebsd Freebsd 2.1.6 Freebsd Freebsd 2.1.6.1 Freebsd Freebsd 2.1.7 Freebsd Freebsd 2.1.7.1 Freebsd Freebsd 2.2 Freebsd Freebsd 2.2.1 Freebsd Freebsd 2.2.2 Freebsd Freebsd 2.2.3 Freebsd Freebsd 2.2.4 Freebsd Freebsd 2.2.5 Freebsd Freebsd 2.2.6 Freebsd Freebsd 2.2.7 Freebsd Freebsd 2.2.8 Freebsd Freebsd 3.0 Freebsd Freebsd 3.1 Freebsd Freebsd 3.2 Freebsd Freebsd 3.3 Freebsd Freebsd 3.4 Freebsd Freebsd 3.5 Freebsd Freebsd 3.5.1 Freebsd Freebsd 4.0 Freebsd Freebsd 4.1 Freebsd Freebsd 4.1.1 Freebsd Freebsd 4.2 Freebsd Freebsd 4.3 Freebsd Freebsd 4.4 Freebsd Freebsd 4.5 Freebsd Freebsd 4.6 Freebsd Freebsd 4.6.1 Freebsd Freebsd 4.6.2 Freebsd Freebsd 4.7 Freebsd Freebsd 4.8 Freebsd Freebsd 4.9 Freebsd Freebsd 4.10 Freebsd Freebsd 4.11 Freebsd Freebsd 5.0 Freebsd Freebsd 5.1 Freebsd Freebsd 5.2 Freebsd Freebsd 5.2.1 Freebsd Freebsd 5.3 Freebsd Freebsd 5.4 Freebsd Freebsd 5.5 Freebsd Freebsd 6.0 Freebsd Freebsd 6.1 Freebsd Freebsd 6.2 Freebsd Freebsd 6.3 Freebsd Freebsd 6.4	422

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References