CVE-2021-29627
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free.
En FreeBSD versiones 13.0-STABLE anteriores a n245050, versiones 12.2-STABLE anteriores a r369525, versiones 13.0-RC4 anteriores a p0 y versiones 12.2-RELEASE anteriores a p6, los filtros de aceptación de socket de escucha que implementan la devolución de llamada accf_create liberaron incorrectamente una cadena de argumentos proporcionada por el proceso. Las operaciones adicionales en el socket pueden conllevar a una doble liberación o un uso de la memoria previamente liberada
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-03-30 CVE Reserved
- 2021-04-07 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-415: Double Free
- CWE-416: Use After Free
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20210423-0007 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.FreeBSD.org/advisories/FreeBSD-SA-21:09.accept_filter.asc | 2022-05-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | >= 12.0 < 12.2 Search vendor "Freebsd" for product "Freebsd" and version " >= 12.0 < 12.2" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.2 Search vendor "Freebsd" for product "Freebsd" and version "12.2" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.2 Search vendor "Freebsd" for product "Freebsd" and version "12.2" | p1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.2 Search vendor "Freebsd" for product "Freebsd" and version "12.2" | p2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 13.0 Search vendor "Freebsd" for product "Freebsd" and version "13.0" | beta1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 13.0 Search vendor "Freebsd" for product "Freebsd" and version "13.0" | beta2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 13.0 Search vendor "Freebsd" for product "Freebsd" and version "13.0" | beta3 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 13.0 Search vendor "Freebsd" for product "Freebsd" and version "13.0" | beta4 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 13.0 Search vendor "Freebsd" for product "Freebsd" and version "13.0" | rc1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 13.0 Search vendor "Freebsd" for product "Freebsd" and version "13.0" | rc2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 13.0 Search vendor "Freebsd" for product "Freebsd" and version "13.0" | rc3 |
Affected
| ||||||