CVE-2018-6923

Published Sep 4, 2018

Last updated 6 years ago

CVSS high 7.5

Overview

Description: In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a remote attacker who is able to send an arbitrary ip fragments to cause the machine to consume excessive resources.
Source: secteam@freebsd.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-400

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "582B9BF3-5BF1-44A3-A580-62F2D44FDD34"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD85B1ED-1473-4C22-9E1E-53F07CF517E9"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7752D43D-64AF-474F-BFBB-2625A29C1B88"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4416CBA-76B9-4051-B015-F1BE89517309"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9118B602-3FB6-4701-AC09-763DD48334BA"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4F7F02A-C845-40BF-8490-510A070000F3"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F948527C-A01E-4315-80B6-47FACE18A34F"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F25FB59-1E4F-4420-8482-8007FF5E2411"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C94B745-BD27-423D-BBB6-A821CD9BC1C4"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CF1F9EF-01AF-4708-AE02-765360AF3D66"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9899C87E-2C09-46AE-BC24-1ACF012784CA"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD5ECA1A-D9B4-4ED7-95EC-684E7AA2B765"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30C501A1-FE2D-41E7-A5DB-C61D8701B9B4"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DB4C0E8-8E50-44B1-BE0C-4C261D9E9730"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6BD5BFF-260A-4A9E-B0AA-C8B8386B154E"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D78E559A-430D-4D50-8A83-58A37D393471"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C560926-7789-4052-819D-C36C43C9C61E"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57052F01-8695-4C63-A947-7671375B9312"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA79CE41-D873-4A4A-A20C-83EB8772E5FA"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53E56F4F-B418-44DD-9C97-7276A4C58F3E"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5288B41-ED07-487E-BECD-59978D0F0686"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References