RCE via ND6 Router Advertisements in FreeBSD
21 hours ago
- #FreeBSD
- #IPv6
- #Security
- FreeBSD security advisory (FreeBSD-SA-25:12.rtsold) addresses a remote code execution vulnerability via ND6 Router Advertisements.
- Affected programs: rtsol(8) and rtsold(8), which process IPv6 router advertisement packets.
- Vulnerability: The domain search list option in router advertisements is not validated, which can lead to shell command execution via resolvconf(8).
- Impact: Remote code execution possible from systems on the same network segment; does not cross network boundaries.
- Affected versions: All supported versions of FreeBSD.
- Solution: Upgrade to patched versions or apply source/binary patches as detailed in the advisory.
- Workaround: No workaround available; systems not using IPv6 or not accepting router advertisements are unaffected.
- Correction details: Includes Git commit hashes for fixed versions across stable and release branches.
- References: The advisory is available on the FreeBSD security patches page.
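
The validation gap named in the vulnerability bullet, shown as an added example that is not taken from the advisory, the FreeBSD patch or the rtsold source: a C check for the domain names carried in a router advertisement's domain search list option (RFC 8106), rejecting any name with bytes outside a hostname character set before it is passed on to a script. The function names, the allowed character set and the assumption that `buf` points just past the option's 8-byte header are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
/* Hypothetical helper (not FreeBSD code): letters, digits, '-' and '_' only. */
static int label_char_ok(uint8_t c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '-' || c == '_';
}

/* Decode one RFC 1035 name at *off into dotted text. Returns 1 on success,
 * 0 at zero padding (end of list), -1 on malformed or unsafe input. */
int dnssl_next_name(const uint8_t *buf, size_t len, size_t *off,
                    char *out, size_t outlen)
{
    size_t o = *off, n = 0;
    if (o >= len || buf[o] == 0)
        return 0;
    for (;;) {
        if (o >= len)
            return -1;                 /* no terminating root label */
        uint8_t l = buf[o++];
        if (l == 0)
            break;
        if (l > 63 || l > len - o || n + l + 2 > outlen)
            return -1;                 /* pointer bits, truncation, overflow */
        if (n > 0)
            out[n++] = '.';
        for (uint8_t i = 0; i < l; i++) {
            if (!label_char_ok(buf[o + i]))
                return -1;             /* e.g. shell metacharacters */
            out[n++] = (char)buf[o + i];
        }
        o += l;
    }
    out[n] = '\0';
    *off = o;
    return 1;
}

/* Number of names in a DNSSL payload, or -1 to reject the whole option. */
int dnssl_count_valid(const uint8_t *buf, size_t len)
{
    char name[256];
    size_t off = 0;
    int r, n = 0;
    while ((r = dnssl_next_name(buf, len, &off, name, sizeof(name))) == 1)
        n++;
    return r < 0 ? -1 : n;
}
```

A caller would drop the whole option when `dnssl_count_valid` returns -1 rather than forwarding the names that did parse.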