CVE-2021-29630 Information

Description

In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer, allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://security.FreeBSD.org/advisories/FreeBSD-SA-21:14.ggatec.asc

https://security.netapp.com/advisory/ntap-20210923-0005/

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

8.1

Base Severity

HIGH
