In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: freebsd
Published: 2020-07-09T13:47:03
Updated: 2024-08-04T09:25:48.986Z
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7458
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-07-09T14:15:10.980
Modified: 2024-11-21T05:37:11.110
Link: CVE-2020-7458
Redhat
No data.