Out-of-bounds write in FreeBSD - CVE-2020-7454

 

Out-of-bounds write in FreeBSD - CVE-2020-7454

Published: May 12, 2020


Vulnerability identifier: #VU27859
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-7454
CWE-ID: CWE-787
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: FreeBSD Foundation
Affected software:
FreeBSD

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of packet length in libalias(3) library when processing network packets. A remote attacker can send specially crafted packet to the system, trigger our-of-bound read or write error and execute arbitrary code on the target system.

Successful exploitation of vulnerability requires that system is configured to use NAT with ipwf(4).


How to mitigate CVE-2020-7454

Install updates from vendor's website.

Sources