Get a Quote   (408) 943-4100               TrueNAS Discord      VendOp_Icon_15x15px   Commercial Support
TrueNAS.com Software Systems Company Community Security iX Portal Download

FreeBSD ipfw
OS

Versions Affected : All verisons prior to FreeNAS 11.3-U2.1

Description

Incomplete packet data validation may result in accessing out-of-bounds memory (CVE-2019-5614) or may access memory after it has been freed (CVE-2019-15874).

Workaround

No workaround is available. Systems not using the ipfw firewall are not vulnerable.

Mitigation

  • Upgrade to FreeNAS 11.3-U3.2 or later

Commit

Further information