Back to search
CVE-2020-7456
Published: Jun 9, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing an attacker with physical access to a USB port to be able to use a specially crafted USB device to gain kernel or user-space code execution.
| Vendor | Product | Versions |
|---|---|---|
n/a | FreeBSD | affected FreeBSD 12.1-RELEASE before p6, 11.3-RELEASE before p10, and 11.4-RC2 before p1 |
References
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:17.usb.asc
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20200625-0005/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now