CVE Vulnerabilities

CVE-2020-11900

Double Free

Published: Jun 17, 2020 | Modified: Nov 21, 2024
CVSS 3.x
8.2
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.

Weakness

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

Affected Software

Name Vendor Start Version End Version
Tcp/ip Treck * 6.0.1.41 (excluding)

Potential Mitigations

References