CVE-2020-7455
FreeBSD Kernel NAT Out-Of-Bounds Read Information Disclosure Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd).
En FreeBSD versiones 12.1-STABLE anteriores a r360973, versiones 12.1-RELEASE anteriores a p5, versiones 11.4-STABLE anteriores a r360973, versiones 11.4-BETA1 anteriores a p1 y versiones 11.3-RELEASE anteriores a p9, el manejador de paquetes FTP en libalias calcula incorrectamente la longitud de algunos paquetes permitiendo divulgar pequeñas cantidades del kernel (para el kernel NAT) o espacio de proceso natd (para el espacio de usuario natd).
This vulnerability allows local attackers to disclose sensitive information on affected installations of FreeBSD Kernel. Authentication is required to exploit this vulnerability.
The specific flaw exists within the implementation of NAT. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of kernel.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-21 CVE Reserved
- 2020-05-13 CVE Published
- 2024-05-06 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20200518-0005 | Third Party Advisory |
|
| https://www.zerodayinitiative.com/advisories/ZDI-20-661 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.FreeBSD.org/advisories/FreeBSD-SA-20:13.libalias.asc | 2022-06-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p3 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p4 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p5 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p6 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p7 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.3 Search vendor "Freebsd" for product "Freebsd" and version "11.3" | p8 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.4 Search vendor "Freebsd" for product "Freebsd" and version "11.4" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.4 Search vendor "Freebsd" for product "Freebsd" and version "11.4" | beta1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.1 Search vendor "Freebsd" for product "Freebsd" and version "12.1" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.1 Search vendor "Freebsd" for product "Freebsd" and version "12.1" | p1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.1 Search vendor "Freebsd" for product "Freebsd" and version "12.1" | p2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.1 Search vendor "Freebsd" for product "Freebsd" and version "12.1" | p3 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.1 Search vendor "Freebsd" for product "Freebsd" and version "12.1" | p4 |
Affected
| ||||||