I bet 1.000.000 USD that OpenBSD fixed that decades ago Or never had such vuln. A few questions about this: 1) Don't properly configured servers have Firewalls that would prevent this? 2) On Firewalls, what is the market-share of FreeBSD against other OS's? 3) Why servers need ICMPv6? Isn't IMCPv4 enough for internal connection debugging and to allow users to test their connections from outside? 4) Why is a Kernel so vulnerable to a NULL pointer? And why aren't mitigations already in place for such cases? It seems developers never hope for the worse, and if something didn't happened for a long time they won't implement protections.