Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset.
Metrics
Affected Vendors & Products
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Freebsd
Subscribe
|
Freebsd
Subscribe
|
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 30 Apr 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Freebsd
Freebsd freebsd |
|
| Vendors & Products |
Freebsd
Freebsd freebsd |
Thu, 30 Apr 2026 08:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset. | |
| Title | pf can overflow the stack parsing crafted SCTP packets | |
| Weaknesses | CWE-674 CWE-791 |
|
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: freebsd
Published:
Updated: 2026-04-30T07:23:52.601Z
Reserved: 2026-04-27T06:03:58.316Z
Link: CVE-2026-7164
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-04-30T08:16:07.653
Modified: 2026-04-30T08:16:07.653
Link: CVE-2026-7164
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-04-30T09:30:15Z