vulnerability

FreeBSD: VID-a9c6e9be-61fb-11eb-b87a-901b0ef719ab (CVE-2020-25579): FreeBSD -- Uninitialized kernel stack leaks in several file systems

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Jan 29, 2021

Added

Jan 30, 2021

Modified

Jun 15, 2026

Description

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes.

Solutions

freebsd-upgrade-base-12_2-release-p3freebsd-upgrade-base-12_1-release-p13freebsd-upgrade-base-11_4-release-p7

References

CVE-2020-25579
https://attackerkb.com/topics/CVE-2020-25579
CWE-909
EUVD-EUVD-2020-18259
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-18259

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report