VIR Vulnerability Intelligence Relay

CVE-2014-8613

high
Published 2015-02-02 · Modified 2026-05-06
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://www.freebsd.org/security/advisories/FreeBSD-SA-15:03.sctp.asc

OS impact
OSVersionStatusFixed in
freebsd freebsd8.4affected
freebsd freebsd9.3affected
freebsd freebsd10.1affected

References

Verify integrity in audit chain (admin only). AS-IS.