N/A

In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory after being freed, possibly resulting in code execution.

N/A

N/A

FreeBSD 资源管理错误漏洞

FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD中的IPV6_2292PKTOPTIONS套接字选项存在安全漏洞。攻击者可利用该漏洞造成内存损坏，从而提升权限。以下产品及版本受到影响：FreeBSD r359565之前的12.1-STABLE版本，p7之前的12.1-RELEASE版本，r362975之前的11.4-STABLE版本， p1之前的11.4-RELEASE版本， p11之前的11.3-RELEASE版本。

N/A

N/A