CVE-2023-52556

medium

Description

In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and expiration of packet states may cause a kernel panic.

References

https://github.com/openbsd/src/commit/9d9f4dc6c833cb79d13f836581e3a781d06842e7

https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/009_pf.patch.sig

Details

Source: Mitre, NVD

Published: 2024-03-01

Updated: 2024-11-14

Risk Information

CVSS v2

Base Score: 7.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 6.2

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: Medium