Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pfsense | Netgate | 2.2.1 (including) | 2.2.1 (including) |
| Kfreebsd-8 | Ubuntu | lucid | * |
References
- http://www.debian.org/security/2015/dsa-3175
- http://www.securityfocus.com/bid/72777
- http://www.securitytracker.com/id/1031798
- https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107
- https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc
- https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc
- http://www.debian.org/security/2015/dsa-3175
- http://www.securityfocus.com/bid/72777
- http://www.securitytracker.com/id/1031798
- https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107
- https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc
- https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc