CVE-2020-25578
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/03/2021
Last modified:
28/06/2022
Description
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the d_off field of the dirent structures returned by VOP_READDIR. In particular, tmpfs(5), smbfs(5), autofs(5) and mqueuefs(5) were failing to do so. As a result, eight uninitialized kernel stack bytes may be leaked to userspace by these file systems.
Impact
Base Score 3.x
5.30
Severity 3.x
MEDIUM
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p5:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p6:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p10:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p11:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p12:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page