CVE-2026-4748
Gravedad CVSS v3.1:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
01/04/2026
Última modificación:
02/04/2026
Descripción
*** Pendiente de traducción *** A regression in the way hashes were calculated caused rules containing the address range syntax (x.x.x.x - y.y.y.y) that only differ in the address range(s) involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the address[/mask-bits] syntax were not affected.<br />
<br />
Some keywords representing actions taken on a packet-matching rule, such as &#39;log&#39;, &#39;return tll&#39;, or &#39;dnpipe&#39;, may suffer from the same issue. It is unlikely that users have such configurations, as these rules would always be redundant.<br />
<br />
Affected rules are silently ignored, which can lead to unexpected behaviour including over- and underblocking.
Impacto
Puntuación base 3.x
7.50
Gravedad 3.x
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* | 14.0 (incluyendo) | 14.4 (excluyendo) |
| cpe:2.3:o:freebsd:freebsd:14.3:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p5:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p6:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p7:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p8:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.3:p9:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.4:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:14.4:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:15.0:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:15.0:p1:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página