CVE-2018-6916

2018-03-0700:00:00

freebsd

www.cve.org

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.2%

JSON

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results.

CNA Affected

[
  {
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "status": "affected",
        "version": "All supported versions of FreeBSD"
      }
    ]
  }
]