Versions Affected : All verisons prior to 11.3-U3.2
The SCTP layer does improper checking when an application tries to update a shared key.
Therefore an unprivileged local user can trigger a use-after- free situation, for example by specific sequences of updating shared keys and closing the SCTP association. Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic.
No workaround is available.
- Upgrade to FreeNAS 11.3-U3.2 or later.