FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- routed(8) remote denial of service vulnerability

Affected packages
10.0 <= FreeBSD < 10.0_10
9.3 <= FreeBSD < 9.3_3
9.2 <= FreeBSD < 9.2_13
9.1 <= FreeBSD < 9.1_20
8.4 <= FreeBSD < 8.4_17

Details

VuXML ID 734233f4-6007-11e6-a6c3-14dae9d210b8
Discovery 2014-10-21
Entry 2016-08-11

Problem Description:

The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network.

Impact:

Upon receipt of a query from a source which is not on a directly connected network, routed(8) will trigger an assertion and terminate. The affected system's routing table will no longer be updated. If the affected system is a router, its routes will eventually expire from other routers' routing tables, and its networks will no longer be reachable unless they are also connected to another router.
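The mismatch described above can be closed on the input side by refusing queries whose source is not on a directly connected network. The following is an added example, not code from routed(8) or from the FreeBSD patch; the names `struct iface`, `on_connected_net`, `should_answer_query` and `sample_ifaces` are hypothetical, and it assumes IPv4 interfaces described only by an address and a netmask.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical interface record: IPv4 address and netmask, network byte order. */
struct iface { struct in_addr addr, mask; };

/* Return 1 if src lies inside the subnet of any configured interface. */
static int on_connected_net(const struct iface *ifs, size_t n, struct in_addr src)
{
    for (size_t i = 0; i < n; i++) {
        if (ifs[i].mask.s_addr == 0)
            continue;               /* a zero mask would match every source */
        if ((src.s_addr & ifs[i].mask.s_addr) ==
            (ifs[i].addr.s_addr & ifs[i].mask.s_addr))
            return 1;
    }
    return 0;
}

/* Input-path decision: answer the query (1) or drop it (0). */
static int should_answer_query(const struct iface *ifs, size_t n, const char *src_text)
{
    struct in_addr src;
    if (inet_pton(AF_INET, src_text, &src) != 1)
        return 0;                   /* unparsable source address: drop */
    return on_connected_net(ifs, n, src);
}

/* Constructed sample: 192.0.2.1/24 and 198.51.100.129/25 (documentation ranges). */
static size_t sample_ifaces(struct iface *out)
{
    inet_pton(AF_INET, "192.0.2.1", &out[0].addr);
    inet_pton(AF_INET, "255.255.255.0", &out[0].mask);
    inet_pton(AF_INET, "198.51.100.129", &out[1].addr);
    inet_pton(AF_INET, "255.255.255.128", &out[1].mask);
    return 2;
}

int main(void)
{
    struct iface ifs[2];
    size_t n = sample_ifaces(ifs);
    const char *srcs[] = { "192.0.2.77", "198.51.100.5", "203.0.113.9" };
    for (size_t i = 0; i < 3; i++)
        printf("%-14s %s\n", srcs[i],
               should_answer_query(ifs, n, srcs[i]) ? "answer" : "drop");
    return 0;
}
```

Dropping the query before a response is built means the output path is never handed an off-link destination, so its assumption holds.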

References

CVE Name CVE-2014-3955
FreeBSD Advisory SA-14:21.routed