In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results.
References
Link | Resource |
---|---|
http://www.securitytracker.com/id/1040460 | Third Party Advisory VDB Entry |
https://www.freebsd.org/security/advisories/FreeBSD-SA-18:01.ipsec.asc | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: freebsd
Published: 2018-03-07T00:00:00
Updated: 2018-03-10T10:57:01
Reserved: 2018-02-12T00:00:00
Link: CVE-2018-6916
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-09T15:29:00.313
Modified: 2018-03-29T14:03:17.970
Link: CVE-2018-6916
JSON object: View
Redhat Information
No data.
CWE