CVE-2020-25578

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the d_off field of the dirent structures returned by VOP_READDIR. In particular, tmpfs(5), smbfs(5), autofs(5) and mqueuefs(5) were failing to do so. As a result, eight uninitialized kernel stack bytes may be leaked to userspace by these file systems.

Link	Resource
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:01.fsdisclosure.asc	Vendor Advisory
https://security.netapp.com/advisory/ntap-20210423-0002/	Third Party Advisory

Configuration 1

cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p5:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p6:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p7:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p9:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p8:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:11.4:p4:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:11.4:p5:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:11.4:p6:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p10:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p11:*:*:*:*:*:* cpe:2.3:o:freebsd:freebsd:12.1:p12:*:*:*:*:*:*

---

Published : 2021-03-26 09:15

Updated : 2022-06-28 02:11

---

NVD link : CVE-2020-25578

Mitre link : CVE-2020-25578

No products.

CWE-665