pf incorrectly handles multiple IPv6 fragment headers

In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a packet with multiple IPv6 fragment headers would unexpectedly be interpreted as a fragmented packet, rather than as whatever the real payload is. As a result, IPv6 fragments may bypass pf firewall rules written on the assumption all fragments have been reassembled and, as a result, be forwarded or processed by the host.

N/A

附加特殊元素净化处理不恰当

FreeBSD 安全漏洞

FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD存在安全漏洞，该漏洞源于IPv6片段可能会绕过基于假设所有片段均已重新组装而编写的防火墙规则，并因此由主机转发或处理。

N/A

N/A