PT-2020-15011 · Fnet · Fnet

Published 2020-12-11 · Updated 2023-10-12 · CVE-2020-17469

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: FNET versions through 4.6.4

Description: An issue in the IPv6 fragment reassembly code causes an uninitialized pointer dereference in the _fnet_ip6_reassembly function in fnet_ip6.c, leading to a Denial-of-Service. This occurs when the code tries to access a previous fragment starting from an incoming network fragment that does not yet have a reference to the previous one, and there are empty holes between the fragments in a non-empty fragment list.

Recommendations: For FNET versions through 4.6.4, as a temporary workaround, consider disabling the IPv6 fragment reassembly functionality until a patch is available. Restrict access to the _fnet_ip6_reassembly function in fnet_ip6.c to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.
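
The bug class in the description, shown as an added example that is not FNET's code: inserting an incoming fragment into an offset-sorted reassembly list where the "previous fragment" pointer is always initialized and checked before use, with a separate hole check before reassembly. The struct and the names frag, frag_insert and frag_complete are hypothetical, and rejecting overlaps is a simplification chosen for this sketch.

```c
#include <stddef.h>

/* Hypothetical fragment record; not FNET's structure. */
struct frag {
    unsigned offset;      /* byte offset in the original datagram */
    unsigned len;         /* payload length of this fragment */
    int more;             /* M flag: more fragments follow */
    struct frag *next;
};

/* Insert nf into the offset-sorted list.
 * Returns 0 on success, -1 if nf overlaps a neighbour. */
int frag_insert(struct frag **head, struct frag *nf)
{
    struct frag *prev = NULL;   /* never left uninitialized */
    struct frag *cur = *head;

    while (cur != NULL && cur->offset < nf->offset) {
        prev = cur;
        cur = cur->next;
    }
    /* prev stays NULL when nf belongs at the head of the list, so
     * every use of prev below is guarded. */
    if (prev != NULL && prev->offset + prev->len > nf->offset)
        return -1;
    if (cur != NULL && nf->offset + nf->len > cur->offset)
        return -1;

    nf->next = cur;
    if (prev != NULL)
        prev->next = nf;
    else
        *head = nf;
    return 0;
}

/* Returns 1 only when the list covers the datagram with no holes
 * and ends with a fragment whose M flag is clear. */
int frag_complete(const struct frag *head)
{
    unsigned expect = 0;
    const struct frag *last = NULL;

    for (; head != NULL; head = head->next) {
        if (head->offset != expect)
            return 0;           /* hole before this fragment */
        expect = head->offset + head->len;
        last = head;
    }
    return last != NULL && !last->more;
}
```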

Fix

Weakness Enumeration: Access of Uninitialized Pointer

Related Identifiers: CVE-2020-17469

Affected Products: Fnet