CVE-2026-4748

Published: Apr 01, 2026 Last Modified: Apr 01, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

A regression in the way hashes were calculated caused rules containing the address range syntax (x.x.x.x - y.y.y.y) that only differ in the address range(s) involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the address[/mask-bits] syntax were not affected.

Some keywords representing actions taken on a packet-matching rule, such as 'log', 'return tll', or 'dnpipe', may suffer from the same issue. It is unlikely that users have such configurations, as these rules would always be redundant.

Affected rules are silently ignored, which can lead to unexpected behaviour including over- and underblocking.

480

Use of Incorrect Operator

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Alter Execution Logic
Applicable Platforms
Languages: C, C++, Not Language-Specific, Perl
Likelihood of Exploit: Low
View CWE Details
754

Improper Check for Unusual or Exceptional Conditions

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability
Potential Impacts:
Dos: Crash, Exit, Or Restart Unexpected State
Applicable Platforms
All platforms may be affected
Likelihood of Exploit: Medium
View CWE Details
1023

Incomplete Comparison with Missing Factors

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Access Control
Potential Impacts:
Alter Execution Logic Bypass Protection Mechanism
Applicable Platforms
All platforms may be affected
View CWE Details
https://security.freebsd.org/advisories/FreeBSD-SA-26:09.pf…
https://security.freebsd.org/advisories/FreeBSD-SA-26:09.pf.asc