CVE-2023-52556

In OpenBSD 7.4 before errata 009, a race condition between pf4's processing of packets and expiration of packet states may cause a kernel panic...

Race condition

In OpenBSD 7.4 before errata 009, a race condition between pf4's processing of packets and expiration of packet states may cause a kernel panic...

CVE-2023-52556

CVE-2023-52556 affects OpenBSD 7.4 before errata 009. The issue is a race condition in pf(4) packet processing and the expiration of packet states that can trigger a kernel panic. Impact is a local denial (kernel crash) described in the OpenBSD advisory, with no exposed remote vector. Remediation...

CVE-2023-6534

In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf4 packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-of-service attack against...

Code injection

In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf4 packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-of-service attack against...

CVE-2023-6534

CVE-2023-6534 refers to a FreeBSD pf(4) TCP sequence number validation bug. The flaw allows a remote attacker to inject TCP packets and potentially cause a denial-of-service for hosts behind the firewall. Affected are FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, 13.2-RELEASE before 13.2-RELEASE-p...

FreeBSD-SA-23:17.pf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:17.pf Security Advisory The FreeBSD Project Topic: TCP spoofing vulnerability in pf4 Category: core Module: pf Announced: 2023-12-05 Credits: Yuxiang Yang, A...

FreeBSD : FreeBSD -- TCP spoofing vulnerability in pf(4) (9cbbc506-93c1-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9cbbc506-93c1-11ee-8e38-002590c1f29c advisory. - As part of its stateful TCP connection tracking implementation, pf performs sequence number validatio...

FreeBSD : FreeBSD -- IPv6 fragment reassembly panic in pf(4) (3d02520d-b309-11e9-a87f-a4badb2f4699)

A bug in the pf4 IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of from the first packet. Impact : Malicious IPv6 packets with different IPv6 extensions could cause a kernel panic or potentially a filtering rule bypass. C...

FreeBSD -- IPv6 fragment reassembly panic in pf(4)

Problem Description: A bug in the pf4 IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of from the first packet. Impact: Malicious IPv6 packets with different IPv6 extensions could cause a kernel panic or potentially a filterin...

FreeBSD Security Advisory FreeBSD-SA-15:19.routed

============================================================================= FreeBSD-SA-15:19.routed Security Advisory The FreeBSD Project Topic: routed8 remote denial of service vulnerability Category: core Module: routed Announced: 2015-08-05 Credits: Hiroki Sato Affects: All supported version...

FreeBSD-SA-11:01.mountd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:01.mountd Security Advisory The FreeBSD Project Topic: Network ACL mishandling in mountd8 Category: core Module: mountd Announced: 2011-04-20 Credits: Ruslan...

FreeBSD-SA-06:07.pf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:07.pf Security Advisory The FreeBSD Project Topic: IP fragment handling panic in pf4 Category: contrib Module: syscontrib Announced: 2006-01-25 Credits: Jakob...