An attacker can, with relatively little effort, inject packets into a TCP stream destined to a host behind a pf firewall. This could be used to implement a denial-of-service attack for hosts behind the firewall, for example by sending TCP RST packets to the host.
Aliases: FreeBSD-SA-23:17.pf
Modified: 2023-12-27T00:00:00.000Z
Published: 2023-12-09T00:00:00.000Z
References
https://www.freebsd.org/security/advisories/FreeBSD-SA-23:17.pf.asc