MNBSD-2023-13: TCP spoofing vulnerability in pf(4)

Severity: Unknown

Affected Package: pf

Summary: TCP spoofing vulnerability in pf(4)

Description

An attacker can, with relatively little effort, inject packets into a TCP stream destined to a host behind a pf firewall. This could be used to implement a denial-of-service attack for hosts behind the firewall, for example by sending TCP RST packets to the host.

Affected Versions

pf

Specific versions:

3.0.0
3.0.1
3.0.2
3.1.0
3.1.1

Recommendations

No specific recommendations provided.

References

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:17.pf.asc

Additional Information

Aliases: FreeBSD-SA-23:17.pf

Published: December 09, 2023
Last Modified: December 27, 2023