lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 23 Aug 2007 09:16:50 +0200
From:	Tóth László Attila <panther@...abit.hu>
To:	netdev@...r.kernel.org
Subject: UDPv4 port allocation problem

Hello,

I noticed that it is possible that the kernel allocates the same UDP
port to an application that was used and closed immediately before the
new application got it. This means that applications that do not specify
an exact port and rely on the  kernel to allocate a port for them might
see traffic originally meant for another application.

Imagine that two applications want to resolve a name in DNS at about the
same time. The following happens:
 * first app sends out the DNS query then closes the socket without
waiting for an answer (e.g. it got interrupted by Ctrl+C)
 * second app opens an UDP socket, and gets the same port, originally
assigned to app#1, sends out the DNS query
 * DNS server responds, the response goes to app#2

DNS might not be the perfect example, but you get the idea. 
Applications do not expect to receive data on newly opened sockets, not
to mention the security implications.

TCP on the other hand increases the allocated port number for each new
socket, the same behaviour for UDP would add certain amount of time that
decreases this risk.

Is the current behaviour intended?

Regards,
Laszlo Attila Toth
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists