Vulnerability Details CVE-2023-27567
In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.7%
CVSS Severity
CVSS v3 Score 7.5
References
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/013_tcp.patch.sig
- https://github.com/openbsd/src/commit/0a543725ccdd2a01669122ce79bb67e66ede77f2
- https://security.netapp.com/advisory/ntap-20230406-0001/
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/013_tcp.patch.sig
- https://github.com/openbsd/src/commit/0a543725ccdd2a01669122ce79bb67e66ede77f2
- https://security.netapp.com/advisory/ntap-20230406-0001/