21.04.2020 23:55, FreeBSD Security Advisories wrote: > ============================================================================= > FreeBSD-SA-20:10.ipfw Security Advisory > The FreeBSD Project > > Topic: ipfw invalid mbuf handling
[skip] > IV. Workaround > > No workaround is available. Systems not using the ipfw firewall are > not vulnerable. This is not true. The problem affects only seldom used rules matching TCP packets by list of TCP options (rules with "tcpoptions" keyword) and/or by TCP MSS size (rules with matching "tcpmss" keyword, don't mix with "tcp-setmss" action keyword). Systems not using "tcpoptions" nor "tcpmss" keywords to match TCP packets are not affected. For example, system using any of default templates (open/client/simple/closed/workstation) are not affected. Please consider re-checking this and adjusting the Advisory. _______________________________________________ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
