Attacker Value
Unknown
0

CVE-2020-7457

Disclosure Date: July 09, 2020

Exploitability

(0 users assessed) Unknown
Attack Vector
Network
Privileges Required
None
User Interaction
None

Description

In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory after being freed, possibly resulting in code execution.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Products

  • FreeBSD

Additional Info

Technical Analysis