CVE-2026-4748 in FreeBSDИнформация

Сводка (Английский)

A regression in the way hashes were calculated caused rules containing the address range syntax (x.x.x.x - y.y.y.y) that only differ in the address range(s) involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the address[/mask-bits] syntax were not affected. Some keywords representing actions taken on a packet-matching rule, such as 'log', 'return tll', or 'dnpipe', may suffer from the same issue. It is unlikely that users have such configurations, as these rules would always be redundant. Affected rules are silently ignored, which can lead to unexpected behaviour including over- and underblocking.

Ответственный

freebsd

Резервировать

24.03.2026

Раскрытие

01.04.2026

Записи

VulDB provides additional information and datapoints for this CVE:

ИД	Уязвимость	CWE	Экс	Кон	CVE
354612	FreeBSD Hash Calculation Удалённое выполнение кода	480	Не определено	Официальное исправление	CVE-2026-4748

Описание

CPE

CWE

CVSS

Эксплойты

История

Разница

Связать

Разведка угроз

API JSON

API XML

API CSV

◂ ПредыдущийОбзорДалее ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!