Security Advisory

CVE-2020-7460

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-06 16:49:16

Last updated 2024-08-04 09:25:49

Assigner freebsd

State PUBLISHED

Description

In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation.

← Browse all CVEs View on cve.org ↗