MNBSD-2026-7: pf can overflow the stack parsing crafted SCTP packets

Severity: Unknown

Affected Package: pf

Summary: pf can overflow the stack parsing crafted SCTP packets

Description

pf parses SCTP packets to discover additional addresses for SCTP endpoints, allowing it to create states allowing connections between these additional addresses. Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset.

Affected Versions

pf

Recommendations

No specific recommendations provided.

References

https://security.FreeBSD.org/advisories/FreeBSD-SA-26:14.pf.asc
https://www.cve.org/CVERecord?id=CVE-2026-7164

Additional Information

Aliases: CVE-2026-7164

Published: April 29, 2026
Last Modified: April 29, 2026