PT-2018-3551 · FreeBSD · FreeBSD

Maxime Villard · Published 2018-03-07 · Updated 2018-03-29 · CVE-2018-6916

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
FreeBSD versions prior to 11.1-STABLE
FreeBSD versions prior to 11.1-RELEASE-p7
FreeBSD versions prior to 10.4-STABLE
FreeBSD versions prior to 10.4-RELEASE-p7
FreeBSD versions prior to 10.3-RELEASE-p28
Description: The issue is related to the kernel's improper validation of IPsec packets from a trusted host and a use-after-free vulnerability in the IPsec AH handling code. This could lead to a system crash or other unpredictable results. The vulnerability may also allow a remote attacker to execute arbitrary code.
Recommendations: For versions prior to 11.1-STABLE, update to 11.1-STABLE or later. For versions prior to 11.1-RELEASE-p7, update to 11.1-RELEASE-p7 or later. For versions prior to 10.4-STABLE, update to 10.4-STABLE or later. For versions prior to 10.4-RELEASE-p7, update to 10.4-RELEASE-p7 or later. For versions prior to 10.3-RELEASE-p28, update to 10.3-RELEASE-p28 or later.

Fix

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2020-04498
CVE-2018-6916
FREEBSD-SA-18_01

Affected Products

FreeBSD