CVE-2020-25579
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/03/2021
Last modified:
12/07/2022
Description
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes.
Impact
Base Score 3.x
5.30
Severity 3.x
MEDIUM
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p5:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p6:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p10:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p11:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p12:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page