CVE-2026-7164
HIGH
FreeBSD pf - SCTP Packet Stack Overflow Denial of Service
Title source: manual
Description
Incorrect packet validation allowed unbounded recursion when parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets that cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset.
References (1)
Core References
Vendor Advisory
https://security.freebsd.org/advisories/FreeBSD-SA-26:14.pf.asc
Scores
CVSS v3
7.5
EPSS
0.0043
EPSS Percentile
34.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-674
CWE-791
Status
published
Products (8)
freebsd/freebsd
13.5 (14 CPE variants)
freebsd/freebsd
14.3 (12 CPE variants)
freebsd/freebsd
14.4 (4 CPE variants)
freebsd/freebsd
15.0 (7 CPE variants)
FreeBSD/FreeBSD
13.5-RELEASE - p13
FreeBSD/FreeBSD
14.3-RELEASE - p12
FreeBSD/FreeBSD
14.4-RELEASE - p3
FreeBSD/FreeBSD
15.0-RELEASE - p7
Published
Apr 30, 2026
Tracked Since
Apr 30, 2026