Netapp

#23285 of 53,608
10 Total CVSS
Vulnerabilities · 1
PT-2022-5681
10
2022-11-29
FreeBSD · FreeBSD · CVE-2022-23093
**Name of the Vulnerable Software and Affected Versions**

- FreeBSD versions prior to 13.1-RELEASE-p5
- FreeBSD versions prior to 12.4-RC2-p2
- FreeBSD versions prior to 12.3-RELEASE-p10

**Description**

The issue is related to the ping utility in FreeBSD, which reads raw IP packets from the network to process responses in the `pr_pack()` function. The function reconstructs the IP header, the ICMP header, and if present, a "quoted packet," which represents the packet that generated an ICMP error. However, it fails to account for the possible presence of IP option headers following the IP header in either the response or the quoted packet, leading to a buffer overflow of up to 40 bytes when IP options are present. This can be triggered by a remote host, causing the ping program to crash. The ping process runs in a capability mode sandbox, which constrains its interaction with the rest of the system.

**Recommendations**

- For versions prior to 13.1-RELEASE-p5, update to 13.1-RELEASE-p5 or later.
- For versions prior to 12.4-RC2-p2, update to 12.4-RC2-p2 or later.
- For versions prior to 12.3-RELEASE-p10, update to 12.3-RELEASE-p10 or later.

As a temporary workaround, consider restricting access to the ping utility until a patch is applied.
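
A bounds-checked parse of the packet layout described above, as an added example (not FreeBSD's ping code or its patch): every offset is derived from the IHL field, so options in the outer or the quoted IP header are stepped over instead of being copied into fixed 20-byte buffers. The names `parse_icmp_reply`, `ip_hlen` and `struct parsed_reply` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IP_MIN_HLEN 20  /* fixed IPv4 header (IHL = 5) */
#define ICMP_HLEN    8  /* type, code, checksum, rest of header */

/* Fixed-size destinations: IP options are stepped over, never copied here. */
struct parsed_reply {
    uint8_t outer_ip[IP_MIN_HLEN], icmp[ICMP_HLEN], quoted_ip[IP_MIN_HLEN];
    size_t  outer_hlen, quoted_hlen;  /* header lengths taken from IHL */
    int     has_quoted;               /* 1 if a quoted header was parsed */
};

/* IPv4 header length from the IHL nibble; 0 if malformed or longer than
 * the 'avail' bytes that remain in the buffer. */
static size_t ip_hlen(const uint8_t *p, size_t avail)
{
    if (avail < IP_MIN_HLEN || (p[0] >> 4) != 4)
        return 0;
    size_t hlen = (size_t)(p[0] & 0x0f) * 4;  /* 0..60 bytes */
    return (hlen < IP_MIN_HLEN || hlen > avail) ? 0 : hlen;
}

/* Returns 0 on success, -1 if any length check fails. */
int parse_icmp_reply(const uint8_t *buf, size_t len, struct parsed_reply *out)
{
    memset(out, 0, sizeof(*out));
    size_t hlen = ip_hlen(buf, len);
    if (hlen == 0 || len - hlen < ICMP_HLEN)
        return -1;
    memcpy(out->outer_ip, buf, IP_MIN_HLEN);
    memcpy(out->icmp, buf + hlen, ICMP_HLEN);  /* offset from IHL, not 20 */
    out->outer_hlen = hlen;

    uint8_t type = out->icmp[0];  /* error types that quote a packet */
    if (type != 3 && type != 4 && type != 5 && type != 11 && type != 12)
        return 0;
    const uint8_t *q = buf + hlen + ICMP_HLEN;
    size_t qhlen = ip_hlen(q, len - hlen - ICMP_HLEN);
    if (qhlen == 0)
        return -1;
    memcpy(out->quoted_ip, q, IP_MIN_HLEN);
    out->quoted_hlen = qhlen;
    out->has_quoted = 1;
    return 0;
}
```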