FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- IPv6 remote Denial-of-Service

Affected packages
12.0 <= FreeBSD-kernel < 12.0_10
11.3 <= FreeBSD-kernel < 11.3_3
11.2 <= FreeBSD-kernel < 11.2_14


VuXML ID 4d3d4f64-f680-11e9-a87f-a4badb2f4699
Discovery 2019-08-20
Entry 2019-10-24

Problem Description:

Due do a missing check in the code of m_pulldown(9) data returned may not be contiguous as requested by the caller.


Extra checks in the IPv6 code catch the error condition and trigger a kernel panic leading to a remote DoS (denial-of-service) attack with certain Ethernet interfaces. At this point it is unknown if any other than the IPv6 code paths can trigger a similar condition.


CVE Name CVE-2019-5611
FreeBSD Advisory SA-19:22.mbuf