CVE-2019-5597: Input Validation
First published: Wed May 15 2019(Updated: )
In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in the pf IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of the first packet allowing maliciously crafted IPv6 packets to cause a crash or potentially bypass the packet filter.
Credit: secteam@freebsd.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD Kernel | =11.2 | |
| FreeBSD Kernel | =11.2-p2 | |
| FreeBSD Kernel | =11.2-p3 | |
| FreeBSD Kernel | =11.2-p4 | |
| FreeBSD Kernel | =11.2-p5 | |
| FreeBSD Kernel | =11.2-p6 | |
| FreeBSD Kernel | =11.2-p7 | |
| FreeBSD Kernel | =11.2-p9 | |
| FreeBSD Kernel | =12.0 | |
| FreeBSD Kernel | =12.0-p1 | |
| FreeBSD Kernel | =12.0-p3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/152933/FreeBSD-Security-Advisory-FreeBSD-SA-19-05.pf.html
- http://www.securityfocus.com/bid/108395
- https://security.FreeBSD.org/advisories/FreeBSD-SA-19:05.pf.asc
- https://security.netapp.com/advisory/ntap-20190611-0001/
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://www.synacktiv.com/ressources/Synacktiv_OpenBSD_PacketFilter_CVE-2019-5597_ipv6_frag.pdf
Frequently Asked Questions
What is the severity of CVE-2019-5597?
CVE-2019-5597 has been classified as a medium severity vulnerability due to its potential impact on processing IPv6 packets.
How do I fix CVE-2019-5597?
To fix CVE-2019-5597, update your FreeBSD installation to version 11.2-RELEASE-p10, 12.0-RELEASE-p4, or later versions.
What versions of FreeBSD are affected by CVE-2019-5597?
CVE-2019-5597 affects FreeBSD versions 11.2-RELEASE before 11.2-RELEASE-p10 and 12.0-RELEASE before 12.0-RELEASE-p4.
What type of vulnerability is CVE-2019-5597?
CVE-2019-5597 is a bug in the pf IPv6 fragment reassembly logic that can lead to improper handling of network packets.
Is there any workaround for CVE-2019-5597?
There are no known effective workarounds for CVE-2019-5597, so applying the appropriate software update is recommended.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/remedy
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/freebsd
- canonical/freebsd kernel
- version/freebsd kernel/11.2
- version/freebsd kernel/11.2-p2
- version/freebsd kernel/11.2-p3
- version/freebsd kernel/11.2-p4
- version/freebsd kernel/11.2-p5
- version/freebsd kernel/11.2-p6
- version/freebsd kernel/11.2-p7
- version/freebsd kernel/11.2-p9
- version/freebsd kernel/12.0
- version/freebsd kernel/12.0-p1
- version/freebsd kernel/12.0-p3