Versions Affected : All verisons prior to FreeNAS 11.3-U5


Description

IPv6 is a network layer supporting Hop-by-Hop options, which can be sent by applications via the socket API. The memory management for packet handling is done using mbufs.

Due to improper mbuf handling in the kernel, a use-after-free bug might be triggered by sending IPv6 Hop-by-Hop options over the loopback interface.


Workaround

No workaround is available.


Mitigation

  • Upgrade to FreeNAS 11.3-U5 or later.

Commit


Further information