7.5

CVE-2023-6534

In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers.  This could allow a malicious actor to execute a denial-of-service attack against hosts behind the firewall.

Data is provided by the National Vulnerability Database (NVD)
FreebsdFreebsd Version12.4 Update-
FreebsdFreebsd Version12.4 Updatep1
FreebsdFreebsd Version12.4 Updatep2
FreebsdFreebsd Version12.4 Updatep3
FreebsdFreebsd Version12.4 Updatep4
FreebsdFreebsd Version12.4 Updatep5
FreebsdFreebsd Version12.4 Updatep6
FreebsdFreebsd Version12.4 Updatep7
FreebsdFreebsd Version12.4 Updatep8
FreebsdFreebsd Version12.4 Updaterc2-p1
FreebsdFreebsd Version12.4 Updaterc2-p2
FreebsdFreebsd Version13.2 Update-
FreebsdFreebsd Version13.2 Updatep1
FreebsdFreebsd Version13.2 Updatep2
FreebsdFreebsd Version13.2 Updatep3
FreebsdFreebsd Version13.2 Updatep4
FreebsdFreebsd Version13.2 Updatep5
FreebsdFreebsd Version13.2 Updatep6
FreebsdFreebsd Version14.0 Update-
FreebsdFreebsd Version14.0 Updatebeta5
FreebsdFreebsd Version14.0 Updatep1
FreebsdFreebsd Version14.0 Updaterc3
FreebsdFreebsd Version14.0 Updaterc4-p1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.26% 0.49
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H