Jonathan T. Looney

#17107of 53,635
15.6Total CVSS
Vulnerabilities · 2
High
2
PT-2016-4909
7.8
2016-01-14
Freebsd · Freebsd · CVE-2016-1879
**Name of the Vulnerable Software and Affected Versions** FreeBSD versions 9.3 before p33 FreeBSD versions 10.1 before p26 FreeBSD versions 10.2 before p9 **Description** The issue affects the Stream Control Transmission Protocol (SCTP) module when the kernel is configured for IPv6. It allows remote attackers to cause a denial of service, potentially leading to an assertion failure, NULL pointer dereference, or kernel panic, via a crafted ICMPv6 packet. **Recommendations** For FreeBSD version 9.3, update to p33 or later to resolve the issue. For FreeBSD version 10.1, update to p26 or later to resolve the issue. For FreeBSD version 10.2, update to p9 or later to resolve the issue.
PT-2016-4910
7.8
2016-01-14
Freebsd · Freebsd · CVE-2016-1882
**Name of the Vulnerable Software and Affected Versions** FreeBSD versions 9.3 before p33 FreeBSD versions 10.1 before p26 FreeBSD versions 10.2 before p9 **Description** The issue allows remote attackers to cause a denial of service, resulting in a kernel crash. This is achieved through vectors related to creating a TCP connection with the `TCP MD5SIG` and `TCP NOOPT` socket options. **Recommendations** For FreeBSD version 9.3, update to p33 or later. For FreeBSD version 10.1, update to p26 or later. For FreeBSD version 10.2, update to p9 or later.