Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2020-24863

Published: 03/09/2020 Updated: 11/09/2020
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Midnightbsd

Vulnerability Summary

A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD prior to 1.2.7 and 1.3 through 2020-08-19, and FreeBSD up to and including 11.4, that allows an malicious user to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

midnightbsd midnightbsd

freebsd freebsd

References

CWE-787https://github.com/MidnightBSD/src/blob/1691c07ff4f27b97220a5d65e217341e477f4014/sys/kern/vfs_syscalls.chttps://www.midnightbsd.org/notes/http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-20:01.txthttps://www.freebsd.org/security/advisories/FreeBSD-EN-20:18.getfsstat.aschttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook