CVE-2020-25579

Summary

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes.

Affected Software

VendorProductVersion RangeStatus
n/aFreeBSDFreeBSD 12.2-RELEASE before p3, 12.1-RELEASE before p13, 11.4-RELEASE before p7affected

Weaknesses

  • Improper initialization

ADP Enrichment

CVE Program Container

Additional References

References