Vulnerabilities > CVE-2020-7463 - Use After Free vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://seclists.org/fulldisclosure/2021/Apr/49
- http://seclists.org/fulldisclosure/2021/Apr/49
- http://seclists.org/fulldisclosure/2021/Apr/50
- http://seclists.org/fulldisclosure/2021/Apr/50
- http://seclists.org/fulldisclosure/2021/Apr/57
- http://seclists.org/fulldisclosure/2021/Apr/57
- http://seclists.org/fulldisclosure/2021/Apr/58
- http://seclists.org/fulldisclosure/2021/Apr/58
- http://seclists.org/fulldisclosure/2021/Apr/59
- http://seclists.org/fulldisclosure/2021/Apr/59
- https://security.FreeBSD.org/advisories/FreeBSD-SA-20:25.sctp.asc
- https://security.FreeBSD.org/advisories/FreeBSD-SA-20:25.sctp.asc
- https://support.apple.com/kb/HT212317
- https://support.apple.com/kb/HT212317
- https://support.apple.com/kb/HT212318
- https://support.apple.com/kb/HT212318
- https://support.apple.com/kb/HT212319
- https://support.apple.com/kb/HT212319
- https://support.apple.com/kb/HT212321
- https://support.apple.com/kb/HT212321
- https://support.apple.com/kb/HT212323
- https://support.apple.com/kb/HT212323
- https://support.apple.com/kb/HT212324
- https://support.apple.com/kb/HT212324
- https://support.apple.com/kb/HT212325
- https://support.apple.com/kb/HT212325