Back to search
CVE-2019-5611
Published: Aug 29, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service.
| Vendor | Product | Versions |
|---|---|---|
n/a | FreeBSD | affected 12.0-RELEASE before 12.0-RELEASE-p10affected 11.3-RELEASE before 11.3-RELEASE-p3affected 11.2-RELEASE before 11.2-RELEASE-p14 |
References
FreeBSD-SA-19:22
vendor-advisory
x_refsource_FREEBSD
20190821 FreeBSD Security Advisory FreeBSD-SA-19:22.mbuf
mailing-list
x_refsource_BUGTRAQ
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:22.mbuf.asc
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20190910-0002/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now