Unrated severityNVD Advisory· Published Mar 26, 2021· Updated Aug 4, 2024
CVE-2020-7461
CVE-2020-7461
Description
In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input related to handling of DHCP option 119 resulting a heap overflow. The heap overflow could in principle be exploited to achieve remote code execution. The affected process runs with reduced privileges in a Capsicum sandbox, limiting the immediate impact of an exploit.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- FreeBSD/FreeBSDdescription
Patches
Vulnerability mechanics
References
2- cert-portal.siemens.com/productcert/pdf/ssa-288459.pdfmitrex_refsource_MISC
- security.freebsd.org/advisories/FreeBSD-SA-20:26.dhclient.ascmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.