| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Aug 2007 09:16:50 +0200 From: Tóth László Attila <panther@...abit.hu> To: netdev@...r.kernel.org Subject: UDPv4 port allocation problem Hello, I noticed that it is possible that the kernel allocates the same UDP port to an application that was used and closed immediately before the new application got it. This means that applications that do not specify an exact port and rely on the kernel to allocate a port for them might see traffic originally meant for another application. Imagine that two applications want to resolve a name in DNS at about the same time. The following happens: * first app sends out the DNS query then closes the socket without waiting for an answer (e.g. it got interrupted by Ctrl+C) * second app opens an UDP socket, and gets the same port, originally assigned to app#1, sends out the DNS query * DNS server responds, the response goes to app#2 DNS might not be the perfect example, but you get the idea. Applications do not expect to receive data on newly opened sockets, not to mention the security implications. TCP on the other hand increases the allocated port number for each new socket, the same behaviour for UDP would add certain amount of time that decreases this risk. Is the current behaviour intended? Regards, Laszlo Attila Toth - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists