vulnerability

FreeBSD: VID-c11ee146-c266-11ea-8659-901b0ef719ab (CVE-2020-7457): FreeBSD -- IPv6 socket option race condition and use after free

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Jul 10, 2020	Jul 11, 2020	Dec 10, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Jul 10, 2020

Added

Jul 11, 2020

Modified

Dec 10, 2025

Description

Problem Description: The IPV6_2292PKTOPTIONS set handler was missing synchronization, so racing accesses could modify freed memory. Impact: A malicious user application could trigger memory corruption, leading to privilege escalation.

Solutions

freebsd-upgrade-base-12_1-release-p7freebsd-upgrade-base-11_4-release-p1freebsd-upgrade-base-11_3-release-p11

References

CVE-2020-7457
https://attackerkb.com/topics/CVE-2020-7457
CWE-362
CWE-416
CWE-662

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today