CVE-2023-4809

EPSS 0.48%
Published 06.09.2023 20:15:08
Last modified 13.02.2025 18:15:47
Source secteam@freebsd.org
Teams watchlist Login
Open Login

In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed.  That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a packet with multiple IPv6 fragment headers would unexpectedly be interpreted as a fragmented packet, rather than as whatever the real payload is.




As a result, IPv6 fragments may bypass pf firewall rules written on the assumption all fragments have been reassembled and, as a result, be forwarded or processed by the host.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Freebsd ≫ Freebsd Version < 12.4

Freebsd ≫ Freebsd Version >= 13.0 < 13.2

Freebsd ≫ Freebsd Version12.4 Update-

Freebsd ≫ Freebsd Version12.4 Updatep1

Freebsd ≫ Freebsd Version12.4 Updatep2

Freebsd ≫ Freebsd Version12.4 Updatep3

Freebsd ≫ Freebsd Version12.4 Updatep4

Freebsd ≫ Freebsd Version12.4 Updaterc2-p1

Freebsd ≫ Freebsd Version12.4 Updaterc2-p2

Freebsd ≫ Freebsd Version13.2 Update-

Freebsd ≫ Freebsd Version13.2 Updatep1

Freebsd ≫ Freebsd Version13.2 Updatep2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.48%	0.64

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-167 Improper Handling of Additional Special Element

The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.

http://www.openwall.com/lists/oss-security/2023/09/08/5

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/08/6

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2023/09/08/7

Third Party Advisory

Mailing List

https://security.FreeBSD.org/advisories/FreeBSD-SA-23:10.pf.asc

Vendor Advisory

https://security.netapp.com/advisory/ntap-20231221-0009/

https://nvd.nist.gov/vuln/detail/CVE-2023-4809

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-4809

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-4809

EUVD