Vulnerability Description
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a remote attacker who is able to send an arbitrary ip fragments to cause the machine to consume excessive resources.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 2.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105336Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041505Third Party AdvisoryVDB Entry
- https://www.freebsd.org/security/advisories/FreeBSD-SA-18:10.ip.ascMitigationVendor Advisory
- http://www.securityfocus.com/bid/105336Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041505Third Party AdvisoryVDB Entry
- https://www.freebsd.org/security/advisories/FreeBSD-SA-18:10.ip.ascMitigationVendor Advisory
FAQ
What is CVE-2018-6923?
CVE-2018-6923 is a vulnerability with a CVSS score of 7.5 (HIGH). In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a ...
How severe is CVE-2018-6923?
CVE-2018-6923 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6923?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd.