Stack Overflow Vulnerability in Network Traffic Processing on FreeBSD Systems
CVE-2026-7164

7.5 HIGH

Key Information:

Vendor

FreeBSD

Status
Vendor
CVE Published: 30 April 2026

What is CVE-2026-7164?

A vulnerability exists in the FreeBSD pf (packet filter) component due to incorrect validation of SCTP chunk parameters. A remote attacker can send specially crafted packets that trigger unbounded recursion during parsing, potentially leading to a stack overflow and system panic. The vulnerability affects all systems configured to use pf for traffic processing, regardless of the active ruleset, posing a significant risk to network integrity.

Affected Version(s)

FreeBSD 15.0-RELEASE

FreeBSD 14.4-RELEASE

FreeBSD 14.3-RELEASE

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Igor Gabriel Sousa e Souza