CVELIST:CVE-2023-4809
Sep 06, 2023 - 7:26 p.m.

CVE-2023-4809 pf incorrectly handles multiple IPv6 fragment headers

2023-09-06 19:26:45
CWE-167
freebsd
www.cve.org
cve-2023-4809
pf packet processing
ipv6 fragment headers
firewall rules
payload interpretation
security vulnerability

EPSS: 0.001 (Low)
Percentile: 21.4%

In pf packet processing with a ‘scrub fragment reassemble’ rule, a packet containing multiple IPv6 fragment headers would be reassembled and then immediately processed. That is, pf would not recognize the correct ultimate payload of a packet with multiple fragment extension headers. Instead, such a packet would unexpectedly be interpreted as a fragmented packet, rather than as whatever the real payload is.

Consequently, IPv6 fragments may bypass pf firewall rules written on the assumption that all fragments have been reassembled, and may then be forwarded or processed by the host.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "pf"
    ],
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "lessThan": "p3",
        "status": "affected",
        "version": "13.2-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "p5",
        "status": "affected",
        "version": "12.4-RELEASE",
        "versionType": "release"
      }
    ]
  }
]
