CVE-2023-3107

CVE-2023-3107: Remote denial of service in IPv6 fragment reassembly

Vendor Freebsd
Product FreeBSD
Weakness CWE-190
Published August 1, 2023
Last update July 9, 2025

CVSS base score

What the vulnerability does

01Description

A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.

Key dates

02Disclosure timeline

August 1, 2023 CVE published
July 9, 2025 Record updated