Severity: Unknown
Affected Package: pf
Summary: TCP spoofing vulnerability in pf(4)
An attacker can, with relatively little effort, inject packets into a TCP stream destined to a host behind a pf firewall. This could be used to implement a denial-of-service attack for hosts behind the firewall, for example by sending TCP RST packets to the host.
Specific versions:
No specific recommendations provided.
Aliases: FreeBSD-SA-23:17.pf
Published: December 09, 2023
Last Modified: December 27, 2023