lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 30 Jan 2008 09:38:49 +0100 (CET)
From:	Andi Kleen <ak@...e.de>
To:	netdev@...r.kernel.org
Subject: [PATCH] [1/1] Deprecate tcp_tw_{reuse,recycle} 


We've recently had a long discussion about the CVE-2005-0356 time stamp denial-of-service
attack. It turned out that Linux is only vunerable to this problem when tcp_tw_recycle
is enabled (which it is not by default).

In general these two options are not really usable in today's internet because they
make the (often false) assumption that a single IP address has a single TCP time stamp /
PAWS clock. This assumption breaks both NAT/masquerading and also opens Linux to denial
of service attacks (see the CVE description) 

Due to these numerous problems I propose to remove this code for 2.6.26

Signed-off-by: Andi Kleen <ak@...e.de>

Index: linux/Documentation/feature-removal-schedule.txt
===================================================================
--- linux.orig/Documentation/feature-removal-schedule.txt
+++ linux/Documentation/feature-removal-schedule.txt
@@ -354,3 +354,15 @@ Why:	The support code for the old firmwa
 	and slightly hurts runtime performance. Bugfixes for the old firmware
 	are not provided by Broadcom anymore.
 Who:	Michael Buesch <mb@...sch.de>
+
+---------------------------
+
+What:   Support for /proc/sys/net/ipv4/tcp_tw_{reuse,recycle} = 1
+When:   2.6.26
+Why:    Enabling either of those makes Linux TCP incompatible with masquerading and
+        also opens Linux to the CVE-2005-0356 denial of service attack.  And these
+        optimizations are explicitely disallowed by some benchmarks. They also have
+        been disabled by default for more than ten years so they're unlikely to be used
+	much. Due to these fatal flaws it doesn't make sense to keep the code.
+Who:    Andi Kleen <andi@...stfloor.org>
+
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists