[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20020917025118.GZ12875@bcd.geek.com.au>
From: security-officer at netbsd.org (NetBSD Security Officer)
Subject: NetBSD Security Advisory 2002-017: shutdown(s, SHUT_RD) on TCP socket does not work as intended
-----BEGIN PGP SIGNED MESSAGE-----
NetBSD Security Advisory 2002-017
=================================
Topic: shutdown(s, SHUT_RD) on TCP socket does not work as intended
Version: NetBSD-current: source prior to September 7, 2002
NetBSD 1.6 beta: affected
NetBSD-1.5.3: affected
NetBSD-1.5.2: affected
NetBSD-1.5.1: affected
NetBSD-1.5: affected
NetBSD-1.4.*: affected
Severity: Unexpected kernel memory consumption
Fixed: NetBSD-current: September 7, 2002
NetBSD-1.6 branch: September 7, 2002 (1.6 includes the fix)
NetBSD-1.5 branch: September 7, 2002
NetBSD-1.4 branch: not yet
Abstract
========
shutdown(s, SHUT_RD) is used to indicate that there should be no inbound
traffic expected on the socket. There was mistake in TCP with respect to
the handling of shutdown'ed socket, leading to unexpected kernel resource
consumption and unexpected behavior.
Technical Details
=================
Some of sbappend() calls from sys/netinet/tcp_input.c did not consult
SS_CANTRCVMORE flag on socket properly.
http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=18185
Solutions and Workarounds
=========================
The recent NetBSD 1.6 release is not vulnerable to this issue. A full
upgrade to NetBSD 1.6 is the recommended resolution for all users able
to do so. Many security-related improvements have been made, and
indeed this release has been delayed several times in order to include
fixes for a number of recent issues.
The following instructions describe how to upgrade your kernel by
updating your source tree and rebuilding and installing a new version
of kernel.
* NetBSD-current:
Systems running NetBSD-current dated from before 2002-09-06
should be upgraded to NetBSD-current dated 2002-09-06 or later.
The following directories need to be updated from the
netbsd-current CVS branch (aka HEAD):
sys/netinet
To update from CVS, re-build, re-install kernel and reboot:
# cd src
# cvs update -d -P sys/netinet
Configure, compile, install and boot a new kernel according to
the instructions at:
http://www.netbsd.org/Documentation/kernel/#building_a_kernel
* NetBSD 1.6 beta:
Systems running NetBSD 1.6 BETAs and Release Candidates should
be upgraded to the NetBSD 1.6 release.
If a source-based point upgrade is required, sources from the
NetBSD 1.6 branch dated 2002-09-06 or later should be used.
The following directories need to be updated from the
netbsd-1-6 CVS branch:
sys/netinet
To update from CVS, re-build, re-install kernel and reboot:
# cd src
# cvs update -d -P -r netbsd-1-6 sys/netinet
Configure, compile, install and boot a new kernel according to
the instructions at:
http://www.netbsd.org/Documentation/kernel/#building_a_kernel
* NetBSD 1.5, 1.5.1, 1.5.2, 1.5.3:
Systems running NetBSD 1.5, 1.5.1, 1.5.2, or 1.5.3 sources dated
from before 2002-09-06 should be upgraded from NetBSD 1.5.*
sources dated 2002-09-06 or later.
NetBSD 1.5.4 will be shipped with fixes.
The following directories need to be updated from the
netbsd-1-5 CVS branch:
sys/netinet
To update from CVS, re-build, re-install kernel and reboot:
# cd src
# cvs update -d -P -r netbsd-1-5 sys/netinet
Configure, compile, install and boot a new kernel according to
the instructions at:
http://www.netbsd.org/Documentation/kernel/#building_a_kernel
* NetBSD 1.4, 1.4.1, 1.4.2, 1.4.3:
The advisory will be updated to include instructions to remedy
this problem for systems running the NetBSD-1.4 branch.
Thanks To
=========
Sean Boudreau
The NetBSD Release Engineering teams, for great patience and
assistance in dealing with repeated security issues discovered
recently.
Revision History
================
2002-09-16 Initial release
More Information
================
Advisories may be updated as new information comes to hand. The most
recent version of this advisory (PGP signed) can be found at
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-017.txt.asc
Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.ORG/ and http://www.NetBSD.ORG/Security/.
Copyright 2002, The NetBSD Foundation, Inc. All Rights Reserved.
$NetBSD: NetBSD-SA2002-017.txt,v 1.9 2002/09/16 05:17:55 dan Exp $
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBPYVqej5Ru2/4N2IFAQFXFQP/TgE2w4hDKtWeccyjBSYEYPji7hgu/IPK
gJztYTRBM4xDKyx76QW+MSoFu/ye+Jfkveh6ZmxGKb2oFzGjbKKyKISk1brBaZ+o
g6mqsd05AACYukIhkRdNOR84bPr086soGRJQFXaLUKbwcUBNQQ43yY8fDqMdEuBd
yk+GJu7hDgQ=
=kfaF
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists