Security Advisory

CVE-2020-7458

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-09 13:47:03

Last updated 2024-08-04 09:25:48

Assigner freebsd

State PUBLISHED

Description

In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution.

← Browse all CVEs View on cve.org ↗