| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 05 Mar 2014 20:46:01 -0500 (EST) From: David Miller <davem@...emloft.net> To: linus.luessing@....de Cc: netdev@...r.kernel.org, bridge@...ts.linux-foundation.org, stephen@...workplumber.org, linux-kernel@...r.kernel.org, jstancek@...hat.com, fwestpha@...hat.com Subject: Re: [PATCH] bridge: multicast: add sanity check for query source addresses From: Linus Lüssing <linus.luessing@....de> Date: Tue, 4 Mar 2014 03:57:35 +0100 > MLD queries are supposed to have an IPv6 link-local source address > according to RFC2710, section 4 and RFC3810, section 5.1.14. This patch > adds a sanity check to ignore such broken MLD queries. > > Without this check, such malformed MLD queries can result in a > denial of service: The queries are ignored by any MLD listener > therefore they will not respond with an MLD report. However, > without this patch these malformed MLD queries would enable the > snooping part in the bridge code, potentially shutting down the > according ports towards these hosts for multicast traffic as the > bridge did not learn about these listeners. > > Reported-by: Jan Stancek <jstancek@...hat.com> > Signed-off-by: Linus Lüssing <linus.luessing@....de> Applied. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists