CVE-2016-1879

Name of the Vulnerable Software and Affected Versions FreeBSD versions 9.3 before p33 FreeBSD versions 10.1 before p26 FreeBSD versions 10.2 before p9

Description The issue affects the Stream Control Transmission Protocol (SCTP) module when the kernel is configured for IPv6. It allows remote attackers to cause a denial of service, potentially leading to an assertion failure, NULL pointer dereference, or kernel panic, via a crafted ICMPv6 packet.

Recommendations For FreeBSD version 9.3, update to p33 or later to resolve the issue. For FreeBSD version 10.1, update to p26 or later to resolve the issue. For FreeBSD version 10.2, update to p9 or later to resolve the issue.