FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
9cbbc506-93c1-11ee-8e38-002590c1f29c	FreeBSD -- TCP spoofing vulnerability in pf(4) Problem Description: As part of its stateful TCP connection tracking implementation, pf performs sequence number validation on inbound packets. This makes it difficult for a would-be attacker to spoof the sender and inject packets into a TCP stream, since crafted packets must contain sequence numbers which match the current connection state to avoid being rejected by the firewall. A bug in the implementation of sequence number validation means that the sequence number is not in fact validated, allowing an attacker who is able to impersonate the remote host and guess the connection's port numbers to inject packets into the TCP stream. Impact: An attacker can, with relatively little effort, inject packets into a TCP stream destined to a host behind a pf firewall. This could be used to implement a denial-of-service attack for hosts behind the firewall, for example by sending TCP RST packets to the host. Discovery 2023-12-05 Entry 2023-12-05 Modified 2023-12-14 FreeBSD-kernel >= 14.0 lt 14.0_2 >= 13.2 lt 13.2_4 >= 12.4 lt 12.4_6 CVE-2023-6534 SA-23:17.pf

VuXML ID

Description

9cbbc506-93c1-11ee-8e38-002590c1f29c

FreeBSD -- TCP spoofing vulnerability in pf(4)

Problem Description:

As part of its stateful TCP connection tracking implementation, pf performs sequence number validation on inbound packets. This makes it difficult for a would-be attacker to spoof the sender and inject packets into a TCP stream, since crafted packets must contain sequence numbers which match the current connection state to avoid being rejected by the firewall.

A bug in the implementation of sequence number validation means that the sequence number is not in fact validated, allowing an attacker who is able to impersonate the remote host and guess the connection's port numbers to inject packets into the TCP stream.

Impact:

An attacker can, with relatively little effort, inject packets into a TCP stream destined to a host behind a pf firewall. This could be used to implement a denial-of-service attack for hosts behind the firewall, for example by sending TCP RST packets to the host.

Discovery 2023-12-05
Entry 2023-12-05
Modified 2023-12-14
FreeBSD-kernel

>= 14.0 lt 14.0_2

>= 13.2 lt 13.2_4

>= 12.4 lt 12.4_6

CVE-2023-6534
SA-23:17.pf