CVE-2023-4809

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FreeBSD (affected versions not specified)

Description The issue is related to errors in the packet filter component of FreeBSD, specifically with the 'scrub fragment reassemble' rule. This can allow a remote attacker to bypass existing firewall rules by manipulating IPv6 fragmented packets. As a result, IPv6 fragments may bypass pf firewall rules and be forwarded or processed by the host.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-167

Related Identifiers

BDU:2023-05300

CVE-2023-4809

FREEBSD-SA-23_10

Affected Products

Freebsd

CVE-2023-4809

Weakness Enumeration

Related Identifiers

Affected Products

References · 21