Stack Consumption Vulnerabilities in NetBSD When IPsec is Enabled
CVE-2011-1547

Currently unrated

Key Information:

Vendor

Netbsd

Status
Netbsd
Vendor
CVE Published:
9 May 2011

What is CVE-2011-1547?

Multiple stack consumption vulnerabilities exist in the NetBSD kernel related to IPsec functionality. When IPsec is enabled, remote attackers can exploit these vulnerabilities by sending carefully crafted IPv4 or IPv6 packets containing nested IPComp headers. This can lead to denial of service situations such as memory corruption or kernel panic, potentially affecting system availability. It is crucial for users of affected NetBSD versions to patch their systems to mitigate these vulnerabilities.

References

http://www.kb.cert.org/vuls/id/668220
third-party-advisoryx_refsource_CERT-VN
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetB...
vendor-advisoryx_refsource_NETBSD
http://lists.grok.org.uk/pipermail/full-disclosure/2011-A...
mailing-listx_refsource_FULLDISC

EPSS Score

38% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.