CVE-2020-7469: Use After Free
First published: Fri Jun 04 2021(Updated: )
In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet buffer may be freed, rendering the cached pointer invalid. The network stack may later dereference the pointer, potentially triggering a use-after-free.
Credit: secteam@freebsd.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD FreeBSD | =11.4 | |
| FreeBSD FreeBSD | =11.4-beta1 | |
| FreeBSD FreeBSD | =11.4-p1 | |
| FreeBSD FreeBSD | =11.4-p2 | |
| FreeBSD FreeBSD | =11.4-p3 | |
| FreeBSD FreeBSD | =11.4-p4 | |
| FreeBSD FreeBSD | =11.4-rc1 | |
| FreeBSD FreeBSD | =11.4-rc2 | |
| FreeBSD FreeBSD | =12.1 | |
| FreeBSD FreeBSD | =12.1-p10 | |
| FreeBSD FreeBSD | =12.1-p2 | |
| FreeBSD FreeBSD | =12.1-p3 | |
| FreeBSD FreeBSD | =12.1-p4 | |
| FreeBSD FreeBSD | =12.1-p5 | |
| FreeBSD FreeBSD | =12.1-p6 | |
| FreeBSD FreeBSD | =12.1-p7 | |
| FreeBSD FreeBSD | =12.1-p8 | |
| FreeBSD FreeBSD | =12.1-p9 | |
| FreeBSD FreeBSD | =12.2 | |
| NetApp Clustered Data ONTAP |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-7469?
CVE-2020-7469 is a vulnerability in FreeBSD that allows an attacker to cache a pointer into the packet buffer holding the ICMPv6 message, which can lead to remote code execution.
How severe is CVE-2020-7469?
CVE-2020-7469 has a severity rating of 7.5 (high).
Which versions of FreeBSD are affected by CVE-2020-7469?
FreeBSD versions 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11, and 11.4-RELEASE before p5 are affected by CVE-2020-7469.
How can I fix CVE-2020-7469?
To fix CVE-2020-7469, users should update to FreeBSD 12.2-STABLE r367402, 11.4-STABLE r368202, 12.2-RELEASE p1, 12.1-RELEASE p11, or 11.4-RELEASE p5 or later versions.
Where can I find more information about CVE-2020-7469?
More information about CVE-2020-7469 can be found in the FreeBSD security advisory at https://security.FreeBSD.org/advisories/FreeBSD-SA-20:31.icmp6.asc.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- vendor/freebsd
- canonical/freebsd freebsd
- version/freebsd freebsd/11.4
- version/freebsd freebsd/11.4-beta1
- version/freebsd freebsd/11.4-p1
- version/freebsd freebsd/11.4-p2
- version/freebsd freebsd/11.4-p3
- version/freebsd freebsd/11.4-p4
- version/freebsd freebsd/11.4-rc1
- version/freebsd freebsd/11.4-rc2
- version/freebsd freebsd/12.1
- version/freebsd freebsd/12.1-p10
- version/freebsd freebsd/12.1-p2
- version/freebsd freebsd/12.1-p3
- version/freebsd freebsd/12.1-p4
- version/freebsd freebsd/12.1-p5
- version/freebsd freebsd/12.1-p6
- version/freebsd freebsd/12.1-p7
- version/freebsd freebsd/12.1-p8
- version/freebsd freebsd/12.1-p9
- version/freebsd freebsd/12.2
- vendor/netapp
- canonical/netapp clustered data ontap