Kernel Panic Vulnerability in FreeBSD's ipfilter with keep state or keep frags options

Kernel Panic Vulnerability in FreeBSD's ipfilter with keep state or keep frags options

CVE-2017-1081 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling.

Learn more about our Web Application Penetration Testing UK.