vulnerability

FreeBSD: VID-0e06013e-6a06-11ea-92ab-00163e433440 (CVE-2020-7451): FreeBSD -- TCP IPv6 SYN cache kernel information disclosure

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Mar 19, 2020	Mar 20, 2020	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Mar 19, 2020

Added

Mar 20, 2020

Modified

Dec 10, 2025

Description

Problem Description: When a TCP server transmits or retransmits a TCP SYN-ACK segment over IPv6, the Traffic Class field is not initialized. This also applies to challenge ACK segments, which are sent in response to received RST segments during the TCP connection setup phase. Impact: For each TCP SYN-ACK (or challenge TCP-ACK) segment sent over IPv6, one byte of kernel memory is transmitted over the network.

Solutions

freebsd-upgrade-base-12_1-release-p3freebsd-upgrade-base-11_3-release-p7

References

CVE-2020-7451
https://attackerkb.com/topics/CVE-2020-7451
CWE-908

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today