Remote denial of service in IPv6 fragment reassembly
CVE-2023-3107
7.5 HIGH
What is CVE-2023-3107?
The vulnerability is an integer overflow in FreeBSD's IPv6 fragment reassembly, triggered by specially crafted IPv6 packets. The flaw can cause the kernel to panic, resulting in a denial of service. System administrators should apply the recommended patches to protect against exploitation.
Affected Version(s)
FreeBSD 13.2-RELEASE < 13.2-RELEASE-p2
FreeBSD 13.1-RELEASE < 13.1-RELEASE-p9
FreeBSD 12.4-RELEASE < 12.4-RELEASE-p4
CVSS V3.1
Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Zweig of Kunlun Lab