CVE-2023-6534

Published Dec 13, 2023

Last updated 10 months ago

CVSS high 7.5

Overview

Description: In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-of-service attack against hosts behind the firewall.
Source: secteam@freebsd.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24920B4D-96C0-401F-B679-BEB086760EAF"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CE32730-A9F5-4E8D-BDA4-6B8232F84787"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "552E81DE-D409-475F-8ED0-E10A0BE43D29"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "251CAE22-C3E6-45AD-8301-F36BEE5C6860"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85D94BCA-FA32-4C10-95CD-5D2A69B38A7A"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C950F97-40B4-43BF-BB81-C49CE00A468B"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FFBAD22-5712-472D-ADAF-13DE0826F888"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "888336D6-CA3C-45ED-90EA-C94A3146F1E9"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7314B63B-75AF-44EF-9F4C-DDF7A18B77E2"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA821886-B26B-47A6-ABC9-B8F70CE0ACFB"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "220629AD-32CC-4303-86AE-1DD27F0E4C65"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2888B0C1-4D85-42EC-9696-03FAD0A9C28F"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3306F11-D3C0-41D6-BB5E-2ABDC3927715"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E584FE1-3A34-492B-B10F-508DA7CBA768"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "761B4382-E857-4868-9F80-189B7F60256B"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51B17801-15FD-4425-BA6C-BE06B14F1BFE"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA25530A-133C-4D7C-8993-D5C42D79A0B5"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69A72B5A-2189-4700-8E8B-1E5E7CA86C40"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "038E5B85-7F60-4D71-8D3F-EDBF6E036CE0"
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF309824-D379-4749-A1FA-BCB2987DD671"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References