CVE-2026-7164

EUVD-2026-26352
Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters.  This can eventually result in a stack overflow and panic.

Remote attackers can craft packets which cause affected systems to panic.  This affects any system where pf is configured to process traffic, independent of the configured ruleset.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
freebsdfreebsd
13.5
freebsdfreebsd
13.5:beta3
freebsdfreebsd
13.5:p1
freebsdfreebsd
13.5:p10
freebsdfreebsd
13.5:p11
freebsdfreebsd
13.5:p12
freebsdfreebsd
13.5:p2
freebsdfreebsd
13.5:p3
freebsdfreebsd
13.5:p4
freebsdfreebsd
13.5:p5
freebsdfreebsd
13.5:p6
freebsdfreebsd
13.5:p7
freebsdfreebsd
13.5:p8
freebsdfreebsd
13.5:p9
freebsdfreebsd
14.3
freebsdfreebsd
14.3:p1
freebsdfreebsd
14.3:p10
freebsdfreebsd
14.3:p11
freebsdfreebsd
14.3:p2
freebsdfreebsd
14.3:p3
freebsdfreebsd
14.3:p4
freebsdfreebsd
14.3:p5
freebsdfreebsd
14.3:p6
freebsdfreebsd
14.3:p7
freebsdfreebsd
14.3:p8
freebsdfreebsd
14.3:p9
freebsdfreebsd
14.4
freebsdfreebsd
14.4:p1
freebsdfreebsd
14.4:p2
freebsdfreebsd
14.4:rc1
freebsdfreebsd
15.0
freebsdfreebsd
15.0:p1
freebsdfreebsd
15.0:p2
freebsdfreebsd
15.0:p3
freebsdfreebsd
15.0:p4
freebsdfreebsd
15.0:p5
freebsdfreebsd
15.0:p6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.freebsd.org/advisories/FreeBSD-SA-26:14.pf.asc