vulnerability
FreeBSD: VID-8db74c04-d794-11ea-88f8-901b0ef719ab (CVE-2020-7460): FreeBSD -- sendmsg(2) privilege escalation
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Aug 6, 2020 | Aug 6, 2020 | Dec 10, 2025 |
Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
Aug 6, 2020
Added
Aug 6, 2020
Modified
Dec 10, 2025
Description
Problem Description: When handling a 32-bit sendmsg(2) call, the compat32 subsystem copies the control message to be transmitted (if any) into kernel memory, and adjusts alignment of control message headers. The code which performs this work contained a time-of-check to time-of-use (TOCTOU) vulnerability which allows a malicious userspace program to modify control message headers after they were validated by the kernel. Impact: The TOCTOU bug can be exploited by an unprivileged malicious userspace program to trigger privilege escalation.
Solutions
freebsd-upgrade-base-12_1-release-p8freebsd-upgrade-base-11_4-release-p2freebsd-upgrade-base-11_3-release-p12
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.