FreeBSD-SA-20:10.ipfw : ipfw invalid mbuf handling
Versions Affected : All verisons prior to FreeNAS 11.3-U2.1
Incomplete packet data validation may result in accessing out-of-bounds memory (CVE-2019-5614) or may access memory after it has been freed (CVE-2019-15874).
No workaround is available. Systems not using the ipfw firewall are not vulnerable.
- Upgrade to FreeNAS 11.3-U3.2 or later