vulnerability
FreeBSD: VID-72ee7111-6007-11e6-a6c3-14dae9d210b8 (CVE-2014-3954): FreeBSD -- rtsold(8) remote buffer overflow vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Aug 11, 2016 | Dec 10, 2025 | Dec 10, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Aug 11, 2016
Added
Dec 10, 2025
Modified
Dec 10, 2025
Description
Problem Description: Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold(8). Impact: Receipt of a router advertisement message with a malformed DNSSL option, for instance from a compromised host on the same network, can cause rtsold(8) to crash. While it is theoretically possible to inject code into rtsold(8) through malformed router advertisement messages, it is normally compiled with stack protection enabled, rendering such an attack extremely difficult. When rtsold(8) crashes, the existing DNS configuration will remain in force, and the kernel will continue to receive and process periodic router advertisements.
Solutions
freebsd-upgrade-base-10_0-release-p10freebsd-upgrade-base-9_3-release-p3freebsd-upgrade-base-9_2-release-p13freebsd-upgrade-base-9_1-release-p20
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.