Versions Affected : All verisons prior to FreeNAS 11.3-U3.2

---

Description

The IPV6_2292PKTOPTIONS set handler was missing synchronization, so racing accesses could modify freed memory.

A malicious user application could trigger memory corruption, leading to privilege escalation.

---

Workaround

No workaround is available.

---

Mitigation

• Upgrade to FreeNAS 11.3-U4.1 or later.

---

Commit

• FreeBSD Revision : r363026
• FreeNAS Commit : 0066dfc
• JIRA Ticket : NAS-106415

---

Further information

• FreeBSD Errata Entry