Severity: Unknown
Affected Package: kernel
Summary: Memory corruption in kern_getfsstat()
A memory corruption vulnerability in the kernel's kern_getfsstat() system call. An earlier fix for a related issue (CVE-2018-17154) was incomplete because it incorrectly assumed the problem was a NULL pointer dereference. A local user could trigger memory corruption. Originally published as MIDNIGHTBSD-SA-20:01.
No specific recommendations provided.
Aliases: CVE-2020-24863
Published: September 02, 2020
Last Modified: September 02, 2020