CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-6916

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 9.0

References

http://www.securitytracker.com/id/1040460
https://www.freebsd.org/security/advisories/FreeBSD-SA-18:01.ipsec.asc
http://www.securitytracker.com/id/1040460
https://www.freebsd.org/security/advisories/FreeBSD-SA-18:01.ipsec.asc

Products affected by CVE-2018-6916

Freebsd » Freebsd » Version: 10.3

cpe:2.3:o:freebsd:freebsd:10.3
Freebsd » Freebsd » Version: 10.4

cpe:2.3:o:freebsd:freebsd:10.4
Freebsd » Freebsd » Version: 11.0

cpe:2.3:o:freebsd:freebsd:11.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6916

Products

Pricing

Contact Us