Vulnerability in Freebsd

CVE-2015-1414

Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and al…

EPSS: 0.042 (89.5th percentile) — read the EPSS interpretation.

Affected products

Freebsd — versions 8.4, 9.0, 9.1
Netgate Pfsense — versions 2.2.1
Debian Debian_linux — versions 7.0
N/a — versions n/a

References

DSA-3175 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
72777 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
FreeBSD-SA-15:04 (x_refsource_FREEBSD, vendor-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
1031798 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory)