Lucene search
+L

4 matches found

hackerone
hackerone
added 2022/01/04 10:0 p.m.32 views

PlayStation: Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)

The PS5 is vulnerable to https://hackerone.com/reports/826026 which easily grants kernel access to an attacker. This vulnerability had been reported by me for the PS4 2 years ago when the PS5 did not yet exist, thus this should be considered as a new report and not a duplicate. I was able to use...

6.8CVSS1.4AI score0.33106EPSS
Exploits4
osv
osv
added 2020/07/09 2:15 p.m.3 views

CVE-2020-7457

In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV62292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory...

8.1CVSS5.9AI score0.33106EPSS
Exploits4References3
cve
cve
added 2020/07/09 1:46 p.m.151 views

CVE-2020-7457

CVE-2020-7457 concerns a missing synchronization in the FreeBSD IPV6_2292PKTOPTIONS set handler (setsockopt), causing a race against freed memory in the ip6_pktopts path. Impact described as potential memory corruption and privilege escalation. Affected lines include FreeBSD stable/12 and stable/...

8.1CVSS8AI score0.33106EPSS
Exploits4References3Affected Software1
freebsd_advisory
freebsd_advisory
added 2020/07/08 12:0 a.m.13 views

FreeBSD-SA-20:20.ipv6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:20.ipv6 Security Advisory The FreeBSD Project Topic: IPv6 socket option race condition and use after free Category: core Module: network Announced: 2020-07-0...

8.1CVSS7.2AI score0.33106EPSS
Exploits4
Rows per page
Query Builder