Integer Overflow Vulnerability in nmreq_copyin() Function
CVE-2022-23085 · Severity
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
Learn more about our User Device Pen Test.