In ipfw packet filter two vulnerabilities in the TCP options parsing code, caused by incorrect data verification in processed network packets. The first vulnerability (CVE-2019-5614) when processing TCP packets in a certain way can lead to access to memory outside the allocated mbuf buffer, and the second (CVE-2019-15874) can lead to access to already freed memory areas (use-after-free ).
An analysis of the suitability of the identified issues for exploitation capable of triggering the execution of attacker code has not been carried out, but it is possible that the vulnerabilities may not be limited to causing a kernel crash. The problems were fixed in the FreeBSD 11.3-RELEASE-p8 and 12.1-RELEASE-p4 updates (fixes were made to the stable branches back in December last year, but the fact that these fixes are related to eliminating the vulnerability became known only now).
Source: opennet.ru