VYPR
Unrated severityNVD Advisory· Published Mar 26, 2021· Updated Aug 4, 2024

CVE-2020-7461

CVE-2020-7461

Description

In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input related to handling of DHCP option 119 resulting a heap overflow. The heap overflow could in principle be exploited to achieve remote code execution. The affected process runs with reduced privileges in a Capsicum sandbox, limiting the immediate impact of an exploit.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • FreeBSD/FreeBSDdescription
  • FreeBSD/FreeBSDllm-fuzzy
    Range: <12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.