FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Integer overflow in IGMP protocol

Affected packages
10.1	<=	FreeBSD-kernel	<	10.1_9
9.3	<=	FreeBSD-kernel	<	9.3_13
8.4	<=	FreeBSD-kernel	<	8.4_27

Details

VuXML ID	0afe8b29-600a-11e6-a6c3-14dae9d210b8
Discovery	2015-02-25
Entry	2016-08-11

Problem Description:

An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation.

Impact:

An attacker who can send specifically crafted IGMP packets could cause a denial of service situation by causing the kernel to crash.

References

CVE Name	CVE-2015-1414
FreeBSD Advisory	SA-15:04.igmp

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.