PT-2016-4909 · Freebsd · Freebsd

Jonathan T. Looney

Published

2016-01-14

Updated

2017-09-10

CVE-2016-1879

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions FreeBSD versions 9.3 before p33 FreeBSD versions 10.1 before p26 FreeBSD versions 10.2 before p9

Description The issue affects the Stream Control Transmission Protocol (SCTP) module when the kernel is configured for IPv6. It allows remote attackers to cause a denial of service, potentially leading to an assertion failure, NULL pointer dereference, or kernel panic, via a crafted ICMPv6 packet.

Recommendations For FreeBSD version 9.3, update to p33 or later to resolve the issue. For FreeBSD version 10.1, update to p26 or later to resolve the issue. For FreeBSD version 10.2, update to p9 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2016-1879

FREEBSD-SA-16_01

Affected Products

Freebsd

PT-2016-4909 · Freebsd · Freebsd

CVE-2016-1879

Related Identifiers

Affected Products

References · 6