// For flags

CVE-2020-25578

 

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the d_off field of the dirent structures returned by VOP_READDIR. In particular, tmpfs(5), smbfs(5), autofs(5) and mqueuefs(5) were failing to do so. As a result, eight uninitialized kernel stack bytes may be leaked to userspace by these file systems.

En FreeBSD versiones 12.2-STABLE anteriores a r368969, 11.4-STABLE anteriores a r369047, 12.2-RELEASE anteriores a p3, 12.1-RELEASE anteriores a p13 y 11.4-RELEASE anteriores a p7, varios sistemas de archivos no estaban inicializando apropiadamente el campo d_off de las estructuras dirent devueltas por VOP_READDIR. En particular, tmpfs(5), smbfs(5), autofs(5) y mqueuefs(5) no lo hicieron. Como resultado, estos sistemas de archivos pueden filtrar ocho bytes de la pila del kernel no inicializados al espacio de usuario.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-09-14 CVE Reserved
  • 2021-03-26 CVE Published
  • 2023-12-10 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-665: Improper Initialization
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
11.4
Search vendor "Freebsd" for product "Freebsd" and version "11.4"
-
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
11.4
Search vendor "Freebsd" for product "Freebsd" and version "11.4"
p1
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
11.4
Search vendor "Freebsd" for product "Freebsd" and version "11.4"
p2
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
11.4
Search vendor "Freebsd" for product "Freebsd" and version "11.4"
p3
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
11.4
Search vendor "Freebsd" for product "Freebsd" and version "11.4"
p4
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
11.4
Search vendor "Freebsd" for product "Freebsd" and version "11.4"
p5
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
11.4
Search vendor "Freebsd" for product "Freebsd" and version "11.4"
p6
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
-
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p1
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p10
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p11
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p12
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p2
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p3
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p4
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p5
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p6
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p7
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p8
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.1
Search vendor "Freebsd" for product "Freebsd" and version "12.1"
p9
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.2
Search vendor "Freebsd" for product "Freebsd" and version "12.2"
-
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.2
Search vendor "Freebsd" for product "Freebsd" and version "12.2"
p1
Affected
Freebsd
Search vendor "Freebsd"
Freebsd
Search vendor "Freebsd" for product "Freebsd"
12.2
Search vendor "Freebsd" for product "Freebsd" and version "12.2"
p2
Affected