CVE-2020-7463

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2020-7463
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2021-03-26 21:15:00 UTC
Updated2023-01-09 16:41:00 UTC
DescriptionIn FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.

Risk And Classification

Problem Types: CWE-416

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Apple Icloud All All All All
Operating System Apple Ipados All All All All
Operating System Apple Ipad Os All All All All
Operating System Apple Iphone Os All All All All
Application Apple Itunes All All All All
Operating System Apple Macos All All All All
Application Apple Safari All All All All
Operating System Apple Tvos All All All All
Operating System Apple Watchos All All All All
Operating System Freebsd Freebsd 11.3 - All All
Operating System Freebsd Freebsd 11.3 p1 All All
Operating System Freebsd Freebsd 11.3 p10 All All
Operating System Freebsd Freebsd 11.3 p11 All All
Operating System Freebsd Freebsd 11.3 p12 All All
Operating System Freebsd Freebsd 11.3 p2 All All
Operating System Freebsd Freebsd 11.3 p3 All All
Operating System Freebsd Freebsd 11.3 p4 All All
Operating System Freebsd Freebsd 11.3 p5 All All
Operating System Freebsd Freebsd 11.3 p6 All All
Operating System Freebsd Freebsd 11.3 p7 All All
Operating System Freebsd Freebsd 11.3 p8 All All
Operating System Freebsd Freebsd 11.3 p9 All All
Operating System Freebsd Freebsd 11.4 - All All
Operating System Freebsd Freebsd 11.4 p1 All All
Operating System Freebsd Freebsd 11.4 p2 All All
Operating System Freebsd Freebsd 12.1 - All All
Operating System Freebsd Freebsd 12.1 p1 All All
Operating System Freebsd Freebsd 12.1 p2 All All
Operating System Freebsd Freebsd 12.1 p3 All All
Operating System Freebsd Freebsd 12.1 p4 All All
Operating System Freebsd Freebsd 12.1 p5 All All
Operating System Freebsd Freebsd 12.1 p6 All All
Operating System Freebsd Freebsd 12.1 p7 All All
Operating System Freebsd Freebsd 12.1 p8 All All
Operating System Freebsd Freebsd 12.2 - All All

References

ReferenceSourceLinkTags
About the security content of iTunes 12.11.3 for Windows - Apple Support CONFIRM support.apple.com
About the security content of iOS 14.5 and iPadOS 14.5 - Apple Support CONFIRM support.apple.com
About the security content of Safari 14.1 - Apple Support CONFIRM support.apple.com
Full Disclosure: APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5 FULLDISC seclists.org
Full Disclosure: APPLE-SA-2021-04-26-7 Safari 14.1 FULLDISC seclists.org
Full Disclosure: APPLE-SA-2021-04-26-9 iTunes 12.11.3 for Windows FULLDISC seclists.org
About the security content of iCloud for Windows 12.3 - Apple Support CONFIRM support.apple.com
Full Disclosure: APPLE-SA-2021-04-26-8 iCloud for Windows 12.3 FULLDISC seclists.org
security.FreeBSD.org/advisories/FreeBSD-SA-20:25.sctp.asc MISC security.FreeBSD.org
About the security content of macOS Big Sur 11.3 - Apple Support CONFIRM support.apple.com
About the security content of tvOS 14.5 - Apple Support CONFIRM support.apple.com
Sobre o conteúdo de segurança do watchOS 7.4 - Suporte da Apple CONFIRM support.apple.com
Full Disclosure: APPLE-SA-2021-04-26-2 macOS Big Sur 11.3 FULLDISC seclists.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 375503 Apple MacOS Big Sur 11.3 Not Installed (HT212325)
  • 375506 Apple iCloud for Windows Prior to 12.3 Multiple Vulnerabilities(HT212321)
  • 375508 Apple iTunes for Windows Prior to 12.11.3 Multiple Vulnerabilities (HT212319)
  • 375509 Apple Safari Multiple Vulnerabilities (HT212318)
  • 376650 Apple iTunes for Windows Prior to 12.11.3 Vulnerabilities (HT212319)
  • 376806 NetApp Clustered Data Open Network Technology for Appliance Products (ONTAP) Sensitive Information Disclosure Vulnerability (NTAP-20201016-0002)
  • 610334 Apple iOS 14.5 and iPadOS 14.5 Security Update Missing (HT212317)
  • 690488 Free Berkeley Software Distribution (FreeBSD) Security Update for Free Berkeley Software Distribution (FreeBSD) (77b877aa-ec18-11ea-88f8-901b0ef719ab)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report