vulnerability

FreeBSD: VID-0e06013e-6a06-11ea-92ab-00163e433440 (CVE-2020-7451): FreeBSD -- TCP IPv6 SYN cache kernel information disclosure

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Mar 19, 2020	Mar 20, 2020	Mar 25, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Mar 19, 2020

Added

Mar 20, 2020

Modified

Mar 25, 2026

Description

Problem Description: When a TCP server transmits or retransmits a TCP SYN-ACK segment over IPv6, the Traffic Class field is not initialized. This also applies to challenge ACK segments, which are sent in response to received RST segments during the TCP connection setup phase. Impact: For each TCP SYN-ACK (or challenge TCP-ACK) segment sent over IPv6, one byte of kernel memory is transmitted over the network.

Solutions

freebsd-upgrade-base-12_1-release-p3freebsd-upgrade-base-11_3-release-p7

References

CVE-2020-7451
https://attackerkb.com/topics/CVE-2020-7451
CWE-908
EUVD-EUVD-2020-28577
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-28577

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today