N/A

In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12.1-RELEASE before p10, 11.4-RELEASE before p4, and 11.3-RELEASE before p14, a programming error in the ure(4) device driver caused some Realtek USB Ethernet interfaces to incorrectly report packets with more than 2048 bytes in a single USB transfer as having a length of only 2048 bytes. An adversary can exploit this to cause the driver to misinterpret part of the payload of a large packet as a separate packet, and thereby inject packets across security boundaries such as VLANs.

N/A

N/A

FreeBSD 注入漏洞

FreeBSD是Freebsd基金会的一套类Unix操作系统。 FreeBSD 12.2-STABLE 存在安全漏洞，攻击者可利用该漏洞导致驱动程序将大包的部分有效载荷误读为单独的包。

N/A

N/A