The FreeBSD Team has recently patched a security vulnerability that would enable DoS attacks and compromise user privileges and data. Read the full reported by Theatpost and PTsecurity below.

SCTP ICMPv6 error processing vulnerability (CVE-2016-1879)

SCTP (stream control transmission protocol) is a transport-layer protocol designed to transfer signaling messages in an IP environment. As a rule, mobile operators use this protocol in technological networks.

This vulnerability threatens FreeBSD systems (versions 9.3, 10.1, and 10.2) if they support SCTP and IPv6 (default configuration). To exploit this flaw, a malefactor needs to send a specially crafted ICMPv6 message. And if he succeeds, he can conduct a DoS attack.

See a video demo of the attack:

Links: https://threatpost.com/freebsd-patches-kernel-panic-vulnerability/116001/
http://blog.ptsecurity.com/2016/01/severe-vulnerabilities-detected-in.html