CVE-2021-29630
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
30/08/2021
Last modified:
14/12/2021
Description
In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code.
Impact
Base Score 3.x
8.10
Severity 3.x
HIGH
Base Score 2.0
7.60
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p10:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p11:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p12:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p13:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p5:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p6:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p7:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p8:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p9:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page