CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-29627

In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://security.FreeBSD.org/advisories/FreeBSD-SA-21:09.accept_filter.asc
https://security.netapp.com/advisory/ntap-20210423-0007/
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:09.accept_filter.asc
https://security.netapp.com/advisory/ntap-20210423-0007/

Products affected by CVE-2021-29627

Freebsd » Freebsd » Version: 12.0

cpe:2.3:o:freebsd:freebsd:12.0
Freebsd » Freebsd » Version: 12.1

cpe:2.3:o:freebsd:freebsd:12.1
Freebsd » Freebsd » Version: 12.2

cpe:2.3:o:freebsd:freebsd:12.2
Freebsd » Freebsd » Version: 13.0

cpe:2.3:o:freebsd:freebsd:13.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-29627

Products

Pricing

Contact Us