CVE-2023-3107 Remote denial of service in IPv6 fragment reassembly

2023-08-0122:01:07

CWE-190

freebsd

www.cve.org

cve-2023-3107

remote

integer overflow

kernel panic

0.001 Low

EPSS

Percentile

23.1%

JSON

A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet’s payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "ipv6"
    ],
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "lessThan": "13.2-RELEASE-p2",
        "status": "affected",
        "version": "13.2-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "13.1-RELEASE-p9",
        "status": "affected",
        "version": "13.1-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "12.4-RELEASE-p4",
        "status": "affected",
        "version": "12.4-RELEASE",
        "versionType": "release"
      }
    ]
  }
]