云聚 AI Token Plan 满 199 减 35 元
port:80 AI Junkie
AI 重度玩家的工程笔记本
DigitalOcean 开发者云

FreeBSD Remote Code Execution Vulnerability Discovered in IPv6 Router Advertisement Handling

云聚 AI Token Plan 满 199 减 35 元

The FreeBSD project has released an important security advisory, numbered FreeBSD-SA-25:12, disclosing a critical remote code execution vulnerability (CVE-2025-14558) in the rtsold and rtsol programs. These programs handle router advertisement packets for IPv6 Stateless Address Autoconfiguration (SLAAC). The vulnerability stems from the programs’ failure to validate the domain search list option in router advertisement messages, directly passing the option content to the resolvconf(8) script, which lacks input validation and could lead to malicious command injection. Attackers can execute arbitrary code on FreeBSD systems running the affected programs by sending specially crafted router advertisement messages. The attack scope is limited to the same network segment because router advertisements are not routable. This vulnerability affects all supported FreeBSD versions and was patched through an update on December 16, 2025. The advisory emphasizes that this vulnerability highlights the importance of network security protection, and users should apply security patches immediately. No temporary workaround is currently available.

Original link:Hacker News

阿里云 OPC 一人公司创业装备库
阿里云函数计算 一键部署 AI 大模型
赞(0)
未经允许不得转载:80aj » FreeBSD Remote Code Execution Vulnerability Discovered in IPv6 Router Advertisement Handling
赞助推荐 FoxCode Claude Code 稳定中转
阿里云函数计算 一键部署 AI 大模型

GLM Claude Code · 国产平替不封号

官方 Claude Code 又涨价又要 KYC,封号还得重配环境?智谱 GLM 兼容 Claude Code,稳定不封号、价格友好,注册后把现有 Claude Code 工作流直接切过来继续用。

立即体验 GLM查看套餐价格