FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- TCP IPv6 SYN cache kernel information disclosure

Affected packages
12.1 <= FreeBSD-kernel < 12.1_3
11.3 <= FreeBSD-kernel < 11.3_7

Details

VuXML ID 0e06013e-6a06-11ea-92ab-00163e433440
Discovery 2020-03-19
Entry 2020-03-19

Problem Description:

When a TCP server transmits or retransmits a TCP SYN-ACK segment over IPv6, the Traffic Class field is not initialized. This also applies to challenge ACK segments, which are sent in response to received RST segments during the TCP connection setup phase.

Impact:

For each TCP SYN-ACK (or challenge TCP-ACK) segment sent over IPv6, one byte of kernel memory is transmitted over the network.

References

CVE Name CVE-2020-7451
FreeBSD Advisory SA-20:04.tcp

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.