mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
68 lines
2.2 KiB
JSON
68 lines
2.2 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secteam@freebsd.org",
|
|
"DATE_PUBLIC": "2018-03-07T00:00:00",
|
|
"ID": "CVE-2018-6916",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "FreeBSD",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "All supported versions of FreeBSD"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "FreeBSD"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Improper validation"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "1040460",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://www.securitytracker.com/id/1040460"
|
|
},
|
|
{
|
|
"name": "FreeBSD-SA-18:01",
|
|
"refsource": "FREEBSD",
|
|
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:01.ipsec.asc"
|
|
}
|
|
]
|
|
}
|
|
} |