Vulnerability Details : CVE-2020-7463
In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.
Vulnerability category: Memory Corruption
Products affected by CVE-2020-7463
- cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p6:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p8:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p10:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p11:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p12:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.3:p9:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p6:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.1:p8:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-7463
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 15 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-7463
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2020-7463
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-7463
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:25.sctp.asc
Vendor Advisory
-
http://seclists.org/fulldisclosure/2021/Apr/49
Full Disclosure: APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2021/Apr/50
Full Disclosure: APPLE-SA-2021-04-26-2 macOS Big Sur 11.3Mailing List;Third Party Advisory
-
https://support.apple.com/kb/HT212319
About the security content of iTunes 12.11.3 for Windows - Apple SupportThird Party Advisory
-
https://support.apple.com/kb/HT212323
About the security content of tvOS 14.5 - Apple SupportThird Party Advisory
-
https://support.apple.com/kb/HT212321
About the security content of iCloud for Windows 12.3 - Apple SupportThird Party Advisory
-
http://seclists.org/fulldisclosure/2021/Apr/58
Full Disclosure: APPLE-SA-2021-04-26-8 iCloud for Windows 12.3Mailing List;Third Party Advisory
-
https://support.apple.com/kb/HT212317
About the security content of iOS 14.5 and iPadOS 14.5 - Apple SupportThird Party Advisory
-
https://support.apple.com/kb/HT212318
About the security content of Safari 14.1 - Apple SupportThird Party Advisory
-
http://seclists.org/fulldisclosure/2021/Apr/59
Full Disclosure: APPLE-SA-2021-04-26-9 iTunes 12.11.3 for WindowsMailing List;Third Party Advisory
-
https://support.apple.com/kb/HT212324
About the security content of watchOS 7.4 - Apple SupportThird Party Advisory
-
http://seclists.org/fulldisclosure/2021/Apr/57
Full Disclosure: APPLE-SA-2021-04-26-7 Safari 14.1Mailing List;Third Party Advisory
-
https://support.apple.com/kb/HT212325
About the security content of macOS Big Sur 11.3 - Apple SupportThird Party Advisory
Jump to