Date: Fri, 21 Nov 2014 09:35:55 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 195243] New: [Vulnerability info disclosed] CVE-2014-7250 Message-ID: <bug-195243-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243 Bug ID: 195243 Summary: [Vulnerability info disclosed] CVE-2014-7250 Product: Base System Version: 10.1-RELEASE Hardware: Any OS: Any Status: Needs Triage Severity: Affects Many People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: kenji@k2r.org Japan IPA has disclosed the following vulnerability report on DDoS possibilities regarding the BSD Net/2 TCP Timer implementation. The report says FreeBSD 5.4 is vulnerable and *BSD OSes have possibilities to be attacked. http://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000134.html IPA says the assigned CVE number is CVE-2014-7250. A release of necessary patches from the FreeBSD Security Team ASAP is appreciated. (Note that this information does not specify the vulnerable versions of the FreeBSD OS, so I set the version to 10.1-RELEASE just as a placeholder.) -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-195243-8>