Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2010-2020

sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.

  • Published: May 28, 2010
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-2020
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.9
  • AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
freebsd / freebsd 8.0 8.0.x
freebsd / freebsd 8.1-prerelease 8.1-prerelease.x
freebsd / freebsd 7.2-pre-release 7.2-pre-release.x
freebsd / freebsd 7.2 7.2.x
freebsd / freebsd 7.2-stable 7.2-stable.x