| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Dec 2015 17:27:22 +0000 From: David Laight <David.Laight@...LAB.COM> To: 'Eric Dumazet' <eric.dumazet@...il.com> CC: 'Daniel Borkmann' <daniel@...earbox.net>, Marcelo Ricardo Leitner <marcelo.leitner@...il.com>, Eric Dumazet <edumazet@...gle.com>, "Dmitry Vyukov" <dvyukov@...gle.com>, "David S. Miller" <davem@...emloft.net>, "Alexey Kuznetsov" <kuznet@....inr.ac.ru>, James Morris <jmorris@...ei.org>, "Hideaki YOSHIFUJI" <yoshfuji@...ux-ipv6.org>, Patrick McHardy <kaber@...sh.net>, netdev <netdev@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>, "Vlad Yasevich" <vyasevich@...il.com>, Neil Horman <nhorman@...driver.com>, "linux-sctp@...r.kernel.org" <linux-sctp@...r.kernel.org>, syzkaller <syzkaller@...glegroups.com>, Kostya Serebryany <kcc@...gle.com>, "Alexander Potapenko" <glider@...gle.com>, Sasha Levin <sasha.levin@...cle.com> Subject: RE: [PATCH net] ipv6: sctp: clone options to avoid use after free From: Eric Dumazet > Sent: 10 December 2015 15:58 > > BTW, are you even using IPv6 SCTP sessions ? Our M3UA/SCTP protocol stack supports them and defaults to using IPv6 listening sockets for IPv4 connections. I very much doubt than any customers have used them yet. So most of the IPv6 connections will have been to ::1 during internal regression testing. We don't even try to set any IPv6 (or IPv4) options. Just SO_REUSEADDR, TCP/SCTP_NODELAY, SCTP_EVENTS, SCTP_INITMSG, SO_KEEPALIVE (tcp), IPV6_V6ONLY (if binding separate listeners), SCTP_SOCKOPT_BINX_ADD (WTF is this a 'socket option') and SO_LINGER (to get abortive close on SCTP connections on kernels before 3.18). David
Powered by blists - more mailing lists