I have in previous posts discussed ICMPv6 and the potential security issues with it. Basically, the issue is that you need to open your firewalls for ICMPv6 “packet too big” messages from any host on the internet. In theory this opens for potential attackers.
Today Apple announced a security issue with MacOS and issued a patch and the following announcement: - “Specifically, when IPv6 support is enabled, an implementation issue in the handling of incoming ICMPv6 Packet Too Big messages could cause an unexpected system shutdown. The update addresses the issue through improved handling of ICMPv6 messages.”
Without being an expert on the MacOS platform, this sounds like a buffer overflow attack. Unexpected shutdown is probably the best case scenario when somebody is trying to exploit this. The situation gets even worse when you realize that the ICMPv6 handler is most likely running in kernel mode. A potential exploit of vulnerability could give the attacker root privileges. And again, incoming ICMPv6 packet too big messages are probably allowed in your firewall.
Start patching if you are using MacOS and IPv6.