PT-2026-36011 · Pf+1 · Pf+1
Igor Gabriel Sousa E Souza
·
Published
2026-04-29
·
Updated
2026-04-30
·
CVE-2026-7164
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
(affected versions not specified)
Description
Incorrect packet validation allows unbounded recursion when parsing SCTP chunk parameters, which can lead to a stack overflow and system panic. Remote attackers can trigger this by crafting specific packets. This issue affects any system where pf is configured to process traffic, regardless of the active ruleset.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Uncontrolled Recursion
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Freebsd
Pf