CVE-2022-23085

A user-provided integer option was passed to nmreqcopyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can affect the host...

CVE-2022-23084

The total size of the user-provided nmreq to nmreqcopyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfsruleset, a privileged process running in a jail can...

The vulnerability of the nmreq_copyin() function in the netmap component of FreeBSD allows a hacker to execute arbitrary code in the kernel context.

The vulnerability of the nmreqcopyin function in the netmap component of FreeBSD operating systems is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the kernel context...

PT-2022-6122 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to a time-of-check to time-of-use bug in the nmreq copyin function of the netmap component in FreeBSD. This bug could lead to kernel memory corruption. On systems...