7.5

CVE-2025-14769

In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference.

Maliciously crafted packets sent from a remote host may result in a Denial of Service (DoS) if the `tcp-setmss` directive is used and a subsequent rule would allow the traffic to pass.
Linked by AI from unstructured data to existing NVD CPEs
Data provided by the National Vulnerability Database (NVD)

| Vendor | Product | Version | Update |
|---|---|---|---|
| FreeBSD | FreeBSD | 13.5 | - |
| FreeBSD | FreeBSD | 13.5 | p1 |
| FreeBSD | FreeBSD | 13.5 | p2 |
| FreeBSD | FreeBSD | 13.5 | p3 |
| FreeBSD | FreeBSD | 13.5 | p4 |
| FreeBSD | FreeBSD | 13.5 | p5 |
| FreeBSD | FreeBSD | 13.5 | p6 |
| FreeBSD | FreeBSD | 13.5 | p7 |
| FreeBSD | FreeBSD | 14.3 | - |
| FreeBSD | FreeBSD | 14.3 | p1 |
| FreeBSD | FreeBSD | 14.3 | p2 |
| FreeBSD | FreeBSD | 14.3 | p3 |
| FreeBSD | FreeBSD | 14.3 | p4 |
| FreeBSD | FreeBSD | 14.3 | p5 |
| FreeBSD | FreeBSD | 14.3 | p6 |

No CISA KEV or CERT.AT warning was found for this CVE.
EPSS Metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.008 |

CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.