3 matches found
EUVD-2025-208406
In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...
CVE-2025-14769
In some cases, the tcp-setmss handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host ma...
CVE-2025-14769
CVE-2025-14769 affects FreeBSD ipfw: the tcp-setmss handler may free packet data and raise an error without halting rule processing. A subsequent rule can then allow traffic after the data is gone, causing a NULL pointer dereference and a Denial of Service when remote-crafted packets are sent if ...