FreeBSD -- ipsec validation and use-after-free
Due to a lack of strict checking, an attacker from a
trusted host can send a specially constructed IP packet
that may lead to a system crash.
Additionally, a use-after-free vulnerability in the AH
handling code could cause unpredictable results.
Access to out of bounds or freed mbuf data can lead to
a kernel panic or other unpredictable results.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright