CVE-2023-27567
First published: Fri Mar 03 2023(Updated: )
In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openbsd Openbsd | =7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-27567.
What is the affected software?
The affected software is OpenBSD 7.2.
What is the severity of CVE-2023-27567?
The severity of CVE-2023-27567 is high with a CVSS score of 7.5.
How can the vulnerability be exploited?
The vulnerability can be exploited by sending a TCP packet with destination port 0 that matches a pf divert-to rule in OpenBSD 7.2.
Is there a patch available for CVE-2023-27567?
Yes, a patch is available for CVE-2023-27567. You can find the patch at the following links: [Link 1](https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/013_tcp.patch.sig), [Link 2](https://github.com/openbsd/src/commit/0a543725ccdd2a01669122ce79bb67e66ede77f2).
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- vendor/openbsd
- canonical/openbsd openbsd
- version/openbsd openbsd/7.2