Security Advisory

CVE-2022-23085

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-15 04:52:17

Last updated 2025-02-13 16:28:59

Assigner freebsd

State PUBLISHED

Description

A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

← Browse all CVEs View on cve.org ↗