PT-2015-5272 · FreeBSD · FreeBSD


Published: 2015-02-25 · Updated: 2019-05-30 · CVE-2015-1414

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

FreeBSD versions prior to 8.4 p24
FreeBSD versions 9.x prior to 9.3 p10
FreeBSD versions 10.0 prior to p18
FreeBSD versions 10.1 prior to p6

Description

The issue is caused by an integer overflow that allows remote attackers to trigger a denial of service, resulting in a system crash. This is achieved by sending a crafted IGMP packet, which causes an incorrect size calculation and allocation of insufficient memory.

Recommendations

For FreeBSD versions prior to 8.4 p24, update to version 8.4 p24 or later.
For FreeBSD versions 9.x prior to 9.3 p10, update to version 9.3 p10 or later.
For FreeBSD versions 10.0 prior to p18, update to version 10.0 p18 or later.
For FreeBSD versions 10.1 prior to p6, update to version 10.1 p6 or later.


Related Identifiers

CVE-2015-1414
DSA-3175-1
DSA-3175-2

Affected Products

FreeBSD