FreeBSD-SA-20:21.usb : Potential memory corruption in USB network device drivers
Versions Affected : All verisons prior to FreeNAS 11.3-U4.1
Description
A missing length validation code common to these three drivers means that a malicious USB device could write beyond the end of an allocated network packet buffer.
An attacker with physical access to a USB port and the ability to bring a network interface up may be able to use a specially crafted USB device to gain kernel or user-space code execution.
Workaround
No workaround is available.
Mitigation
- Upgrade to FreeNAS 11.3-U5 or later.