FreeBSD
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*
A stack overflow vulnerability has been identified in the FreeBSD packet filter (pf) when processing crafted SCTP packets. This issue arises from incorrect packet validation, which allows for unbounded recursion while parsing SCTP chunk parameters. As a result, remote attackers can send specially crafted packets that cause the system to panic. This vulnerability affects all supported versions of FreeBSD where pf is configured to handle traffic, regardless of the specific ruleset in use.
Exploitation of this vulnerability leads to a stack overflow, causing the system to panic and become unresponsive.
Users can upgrade to a supported FreeBSD stable or release branch dated after the correction date. Instructions for updating via the pkg utility, freebsd-update utility, or by applying a source code patch are available in the FreeBSD Security Advisory FreeBSD-SA-26:14.pf.