CVE-2022-23084
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
15/02/2024
Last modified:
09/12/2024
Description
The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption.<br />
<br />
On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* | 12.0 (including) | 12.3 (excluding) |
| cpe:2.3:o:freebsd:freebsd:12.3:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.3:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.3:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.3:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.3:p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:beta1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:beta2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:beta3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:beta3-p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:beta4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:p10:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:13.0:p2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page