[Bug 195243] New: [Vulnerability info disclosed] CVE-2014-7250

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Fri Nov 21 09:35:55 UTC 2014


            Bug ID: 195243
           Summary: [Vulnerability info disclosed] CVE-2014-7250
           Product: Base System
           Version: 10.1-RELEASE
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: kenji at k2r.org

Japan IPA has disclosed the following vulnerability report on DDoS
possibilities regarding the BSD Net/2 TCP Timer implementation. The report says
FreeBSD 5.4 is vulnerable and *BSD OSes have possibilities to be attacked. 


IPA says the assigned CVE number is CVE-2014-7250.

A release of necessary patches from the FreeBSD Security Team ASAP is

(Note that this information does not specify the vulnerable versions of the
FreeBSD OS, so I set the version to 10.1-RELEASE just as a placeholder.)

You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list