[Bug 195243] New: [Vulnerability info disclosed] CVE-2014-7250

Fri Nov 21 09:35:55 UTC 2014

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243

            Bug ID: 195243
           Summary: [Vulnerability info disclosed] CVE-2014-7250
           Product: Base System
           Version: 10.1-RELEASE
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: kenji at k2r.org

Japan IPA has disclosed the following vulnerability report on DDoS
possibilities regarding the BSD Net/2 TCP Timer implementation. The report says
FreeBSD 5.4 is vulnerable and *BSD OSes have possibilities to be attacked. 

http://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000134.html

IPA says the assigned CVE number is CVE-2014-7250.

A release of necessary patches from the FreeBSD Security Team ASAP is
appreciated.

(Note that this information does not specify the vulnerable versions of the
FreeBSD OS, so I set the version to 10.1-RELEASE just as a placeholder.)

-- 
You are receiving this mail because:
You are the assignee for the bug.