QwikSec

Security Database

CVE

CWE

Training

CVE-2020-7463

Published: Mar 26, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.

Vendor	Product	Versions
n/a	FreeBSD	affected `FreeBSD 12.1-RELEASE before p9, 11.4-RELEASE before p3, 11.3-RELEASE before p13`

References

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:25.sctp.asc

x_refsource_MISC

https://support.apple.com/kb/HT212317

x_refsource_CONFIRM

https://support.apple.com/kb/HT212319

x_refsource_CONFIRM

https://support.apple.com/kb/HT212325

x_refsource_CONFIRM

https://support.apple.com/kb/HT212323

x_refsource_CONFIRM

https://support.apple.com/kb/HT212324

x_refsource_CONFIRM

https://support.apple.com/kb/HT212321

x_refsource_CONFIRM

https://support.apple.com/kb/HT212318

x_refsource_CONFIRM

20210427 APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5

mailing-list

x_refsource_FULLDISC

20210427 APPLE-SA-2021-04-26-2 macOS Big Sur 11.3

mailing-list

x_refsource_FULLDISC

20210427 APPLE-SA-2021-04-26-9 iTunes 12.11.3 for Windows

mailing-list

x_refsource_FULLDISC

20210427 APPLE-SA-2021-04-26-8 iCloud for Windows 12.3

mailing-list

x_refsource_FULLDISC

20210427 APPLE-SA-2021-04-26-7 Safari 14.1

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.