CVE-2023-3107: Remote denial of service in IPv6 fragment reassembly
First published: Tue Aug 01 2023(Updated: )
A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.
Credit: secteam@freebsd.org secteam@freebsd.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD FreeBSD | =12.4 | |
| FreeBSD FreeBSD | =12.4-p1 | |
| FreeBSD FreeBSD | =12.4-p2 | |
| FreeBSD FreeBSD | =12.4-p3 | |
| FreeBSD FreeBSD | =12.4-rc2-p1 | |
| FreeBSD FreeBSD | =12.4-rc2-p2 | |
| FreeBSD FreeBSD | =13.1 | |
| FreeBSD FreeBSD | =13.1-b1-p1 | |
| FreeBSD FreeBSD | =13.1-b2-p2 | |
| FreeBSD FreeBSD | =13.1-p1 | |
| FreeBSD FreeBSD | =13.1-p2 | |
| FreeBSD FreeBSD | =13.1-p3 | |
| FreeBSD FreeBSD | =13.1-p4 | |
| FreeBSD FreeBSD | =13.1-p5 | |
| FreeBSD FreeBSD | =13.1-p6 | |
| FreeBSD FreeBSD | =13.1-p7 | |
| FreeBSD FreeBSD | =13.1-p8 | |
| FreeBSD FreeBSD | =13.1-rc1-p1 | |
| FreeBSD FreeBSD | =13.2 | |
| FreeBSD FreeBSD | =13.2-p1 | |
| NetApp Clustered Data ONTAP | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-3107?
CVE-2023-3107 is a vulnerability that allows an attacker to trigger a kernel panic, resulting in a denial of service, by sending carefully crafted IPv6 packets that trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field.
How severe is CVE-2023-3107?
CVE-2023-3107 has a severity rating of 7.5, which is considered high.
Which software versions are affected by CVE-2023-3107?
FreeBSD versions 12.4, 12.4-p1, 12.4-p2, 12.4-p3, 12.4-rc2-p1, 12.4-rc2-p2, 13.1, 13.1-b1-p1, 13.1-b2-p2, 13.1-p1, 13.1-p2, 13.1-p3, 13.1-p4, 13.1-p5, 13.1-p6, 13.1-p7, 13.1-p8, 13.1-rc1-p1, 13.2, and 13.2-p1 are affected by CVE-2023-3107.
How can I fix the CVE-2023-3107 vulnerability?
To fix the CVE-2023-3107 vulnerability, it is recommended to update to the latest available version of FreeBSD or apply the necessary patches provided by the vendor.
Where can I find more information about CVE-2023-3107?
You can find more information about CVE-2023-3107 on the FreeBSD Security Advisories website (https://security.FreeBSD.org/advisories/FreeBSD-SA-23:06.ipv6.asc) and the NetApp Security Advisory website (https://security.netapp.com/advisory/ntap-20230804-0001/).
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/freebsd
- canonical/freebsd freebsd
- version/freebsd freebsd/12.4
- version/freebsd freebsd/12.4-p1
- version/freebsd freebsd/12.4-p2
- version/freebsd freebsd/12.4-p3
- version/freebsd freebsd/12.4-rc2-p1
- version/freebsd freebsd/12.4-rc2-p2
- version/freebsd freebsd/13.1
- version/freebsd freebsd/13.1-b1-p1
- version/freebsd freebsd/13.1-b2-p2
- version/freebsd freebsd/13.1-p1
- version/freebsd freebsd/13.1-p2
- version/freebsd freebsd/13.1-p3
- version/freebsd freebsd/13.1-p4
- version/freebsd freebsd/13.1-p5
- version/freebsd freebsd/13.1-p6
- version/freebsd freebsd/13.1-p7
- version/freebsd freebsd/13.1-p8
- version/freebsd freebsd/13.1-rc1-p1
- version/freebsd freebsd/13.2
- version/freebsd freebsd/13.2-p1
- vendor/netapp
- canonical/netapp clustered data ontap
- version/netapp clustered data ontap/9.0