PT-2025-51802 · Rtsold+2 · Rtsold+2

Kevin Day · Published 2025-12-16 · Updated 2026-03-11 · CVE-2025-14558

CVSS v2.0: 8.3 (High)

Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: FreeBSD (affected versions not specified)

Description: A remote code execution issue exists in the IPv6 autoconfiguration handler in FreeBSD. The issue is present in the rtsold background process and the rtsol utility. An attacker can achieve remote code execution with root privileges by sending a specially crafted IPv6 router advertisement packet. Router Advertisement (RA) messages used to exploit this issue are not routed and should be dropped by routers. To successfully exploit this, an attacker must be able to send a crafted packet from a system within the same network segment as the vulnerable host.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

OS Command Injection

Weakness Enumeration

Related identifiers

BDU:2026-00013
CVE-2025-14558
FREEBSD-SA-25_12

Affected products

Freebsd
Resolvconf
Rtsold