EUVD-2026-26352

🗓️ 30 Apr 2026 07:23:52Reported by EUVDType

Incorrect SCTP validation enables unbounded recursion, causing stack overflow in pf systems.

Reporter	Title	Published	Views	Family All 13
FreeBSD	FreeBSD -- pf can overflow the stack parsing crafted SCTP packets	29 Apr 202600:00	–	freebsd
ATTACKERKB	CVE-2026-7164	30 Apr 202607:23	–	attackerkb
Circl	CVE-2026-7164	30 Apr 202618:07	–	circl
CNNVD	FreeBSD 安全漏洞	30 Apr 202600:00	–	cnnvd
CVE	CVE-2026-7164	30 Apr 202607:23	–	cve
Cvelist	CVE-2026-7164 pf can overflow the stack parsing crafted SCTP packets	30 Apr 202607:23	–	cvelist
FreeBSD Advisory	FreeBSD-SA-26:14.pf	29 Apr 202600:00	–	freebsd_advisory
Tenable Nessus	FreeBSD : FreeBSD -- pf can overflow the stack parsing crafted SCTP packets (225ba563-4435-11f1-bb07-bc241121aa0a)	30 Apr 202600:00	–	nessus
NVD	CVE-2026-7164	30 Apr 202608:16	–	nvd
Packet Storm News	FreeBSD Security Advisory - FreeBSD-SA-26:14.pf	29 Apr 202600:00	–	packetstormnews

[
  {
    "enisaIdVendor": [
      {
        "id": "a0a5be0f-3e1c-3541-933b-0d199fd6a8d1",
        "vendor": {
          "name": "FreeBSD"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0a2fc6fd-ec21-3ad4-b736-83a05bed0193",
        "product": {
          "name": "FreeBSD"
        },
        "product_version": "14.4-RELEASE <p3"
      },
      {
        "id": "97afe6e7-a48f-386a-acfd-7a72d04fc2c6",
        "product": {
          "name": "FreeBSD"
        },
        "product_version": "13.5-RELEASE <p13"
      },
      {
        "id": "dce3ec44-2bc1-326f-b0f0-1f48c6a11f1c",
        "product": {
          "name": "FreeBSD"
        },
        "product_version": "15.0-RELEASE <p7"
      },
      {
        "id": "f7ea0d6d-e94f-35e3-803d-35e9bf27295c",
        "product": {
          "name": "FreeBSD"
        },
        "product_version": "14.3-RELEASE <p12"
      }
    ]
  }
]

Source	Link
security	www.security.freebsd.org/advisories/FreeBSD-SA-26:14.pf.asc

30 Apr 2026 13:09Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.17.5

EPSS0.00065

SSVC