FreeBSD PF SCTP chunk recursion stack overflow (CVE-2026-7164)
CVE-2026-7164 Published on April 30, 2026
pf can overflow the stack parsing crafted SCTP packets
Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic.
Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset.
Vulnerability Analysis
CVE-2026-7164 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Types
What is a Stack Exhaustion Vulnerability?
The product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.
CVE-2026-7164 has been classified to as a Stack Exhaustion vulnerability or weakness.
Incomplete Filtering of Special Elements
The software receives data from an upstream component, but does not completely filter special elements before sending it to a downstream component.
Products Associated with CVE-2026-7164
Want to know whenever a new CVE is published for FreeBSD? stack.watch will email you.
Affected Versions
FreeBSD:- Version 15.0-RELEASE and below p7 is affected.
- Version 14.4-RELEASE and below p3 is affected.
- Version 14.3-RELEASE and below p12 is affected.
- Version 13.5-RELEASE and below p13 is affected.