FreeBSD Security Advisory FreeBSD-SA-01:52 - Remote users may be able to prevent a FreeBSD system from communicating with other systems on the network by transmitting large numbers of fragmented IPv4 datagrams. For the attack to be effective, the attacker must have a high-bandwidth connection to the target system. IP datagram fragments destined for the target system are queued for 30 seconds so that fragmented datagrams can be reassembled. There was no upper limit on the number of reassembly queues. A malicious party may therefore be able to transmit a large number of bogus fragmented datagrams (each with a different IPv4 identification field) and cause the target system to exhaust its mbuf pool, preventing further network traffic processing or generation while the starvation condition continues.
2972addf4a608d78056fb160604edc584e28bdaa94b04465877d6a8a8703c371
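The missing limit described above can be seen in a small model of a reassembly-queue table with the cap in place. This is an added example, not FreeBSD kernel code or the advisory's patch; `MAX_QUEUES`, the function names and the addresses in `simulate` are assumptions made for the illustration, and only the 30-second lifetime comes from the advisory.

```c
/* Added example: model of an IPv4 reassembly-queue table, not FreeBSD kernel code. */
#include <stdint.h>
#include <stdio.h>

#define FRAG_TTL   30  /* seconds a queue waits for missing fragments (per the advisory) */
#define MAX_QUEUES 64  /* assumed cap, value chosen for this example */

struct fragq { uint32_t src, dst, expires; uint16_t id; uint8_t proto; int used; };

static struct fragq table[MAX_QUEUES];
static unsigned long dropped;

/* Free queues whose timer has run out; return the number still live. */
unsigned fragq_expire(uint32_t now) {
    unsigned live = 0;
    for (int i = 0; i < MAX_QUEUES; i++) {
        if (table[i].used && table[i].expires <= now) table[i].used = 0;
        live += table[i].used;
    }
    return live;
}

/* Account for one fragment: 1 if queued, 0 if dropped because the cap is hit. */
int fragq_input(uint32_t src, uint32_t dst, uint16_t id, uint8_t proto, uint32_t now) {
    struct fragq *slot = NULL;
    fragq_expire(now);
    for (int i = 0; i < MAX_QUEUES; i++) {
        struct fragq *q = &table[i];
        if (!q->used) { if (!slot) slot = q; continue; }
        if (q->src == src && q->dst == dst && q->id == id && q->proto == proto)
            return 1;                          /* joins an existing queue */
    }
    if (!slot) { dropped++; return 0; }        /* bounded: drop, do not allocate */
    *slot = (struct fragq){ src, dst, now + FRAG_TTL, id, proto, 1 };
    return 1;
}

unsigned long fragq_dropped(void) { return dropped; }

/* Constructed input: n fragments that each carry a new identification value. */
unsigned simulate(unsigned n, uint32_t now) {
    for (unsigned i = 0; i < n; i++)
        fragq_input(0x0a000001, 0x0a000002, (uint16_t)i, 17, now);
    return fragq_expire(now);
}

int main(void) {
    unsigned live = simulate(1000, 0);
    printf("live=%u dropped=%lu\n", live, fragq_dropped());
    return 0;
}
```

With the cap, memory held by incomplete datagrams stays constant regardless of how many distinct identification values arrive, and the drop counter gives operators a signal to monitor.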