FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- ipfw denial of service

Affected packages
15.0 <= FreeBSD-kernel < 15.0_1
14.3 <= FreeBSD-kernel < 14.3_7
13.5 <= FreeBSD-kernel < 13.5_8

Details

VuXML ID 0b22e22a-dae9-11f0-80b8-bc241121aa0a
Discovery 2025-12-16
Entry 2025-12-17

Problem Description:

In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference.

Impact:

Maliciously crafted packets sent from a remote host may result in a Denial of Service (DoS) if the `tcp-setmss` directive is used and a subsequent rule would allow the traffic to pass.
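The two conditions above (a kernel in one of the listed ranges, and a `tcp-setmss` rule followed by a rule that allows traffic) can be triaged on a host with the sketch below. It is an added example, not part of the advisory or of FreeBSD. The function names are hypothetical, and it assumes that the VuXML version `14.3_7` corresponds to `14.3-RELEASE-p7` as printed by `freebsd-version`.

```shell
#!/bin/sh
# Added example (not from the advisory): exposure triage for this entry.

# kernel_affected VERSION: VERSION in `freebsd-version` format.
# Returns 0 = in an affected range above, 1 = listed branch at or past the
# fix, 2 = branch not listed in this entry (undetermined).
# Assumption: VuXML "14.3_7" corresponds to "14.3-RELEASE-p7".
kernel_affected() {
    case $1 in
        *-RELEASE-p[0-9]*) patch=${1##*-p} ;;
        *-RELEASE)         patch=0 ;;
        *)                 return 2 ;;
    esac
    case ${1%%-*} in
        15.0) fixed=1 ;;
        14.3) fixed=7 ;;
        13.5) fixed=8 ;;
        *)    return 2 ;;
    esac
    [ "$patch" -lt "$fixed" ]
}

# ruleset_exposed: reads `ipfw list` output on stdin. Returns 0 when a
# tcp-setmss rule is followed by a later rule with an allow-type action
# (ipfw spells it allow, accept, pass or permit). Heuristic: it does not
# follow skipto/call or match the rules' packet selectors.
ruleset_exposed() {
    awk '
        { for (i = 2; i <= NF; i++) {
              if ($i == "//") break                     # rule comment starts
              if ($i == "tcp-setmss") { seen = 1; break }
              if (seen && $i ~ /^(allow|accept|pass|permit)$/) { hit = 1; break }
          } }
        END { exit !hit }
    '
}

# Live check on a FreeBSD host; skipped where the tools are absent.
if command -v freebsd-version >/dev/null 2>&1 && command -v ipfw >/dev/null 2>&1; then
    if kernel_affected "$(freebsd-version -r)" && ipfw list | ruleset_exposed; then
        echo "exposed: affected kernel, tcp-setmss followed by an allow rule"
    fi
fi
```

A return of 2 from `kernel_affected` means the version string is outside what this entry lists, so the advisory itself should be consulted for that branch.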

References

CVE Name CVE-2025-14769
FreeBSD Advisory SA-25:11.ipfw