Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-32264

sys/netinet/tcp_timer.h in FreeBSD before 7.0 contains a denial-of-service (DoS) vulnerability due to improper handling of TSopt on TCP connections. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Published

2022-09-06T18:15:15.530

Last Modified

2025-06-17T20:15:25.727

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-755
Type: Secondary
CWE-755

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	freebsd	freebsd	< 7.0	Yes

References

http://jvn.jp/en/jp/JVN20930118/ Third Party Advisory ([email protected])
https://cgit.freebsd.org/src/commit/?id=4dc630cdd2f7a790604d2724ecb19c6aa95130a7 Mailing List, Patch, Vendor Advisory ([email protected])
http://jvn.jp/en/jp/JVN20930118/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://cgit.freebsd.org/src/commit/?id=4dc630cdd2f7a790604d2724ecb19c6aa95130a7 Mailing List, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)