Security Advisory

CVE-2022-23084

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-15 04:52:09

Last updated 2025-02-13 16:28:58

Assigner freebsd

State PUBLISHED

Description

The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

← Browse all CVEs View on cve.org ↗