lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <1342427747.4812.2.camel@edumazet-glaptop> Date: Mon, 16 Jul 2012 10:35:47 +0200 From: Eric Dumazet <eric.dumazet@...il.com> To: "Kiran (Kiran Kumar) Kella" <kkiran@...adcom.com> Cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: RE: Is TCP vulneribility patch (as in RFC 5961) done in linux? On Mon, 2012-07-16 at 10:33 +0200, Eric Dumazet wrote: > On Mon, 2012-07-16 at 07:06 +0000, Kiran (Kiran Kumar) Kella wrote: > > Looking into the file tcp_input.c in the latest stable linux release 3.4.4 source, I understand the fix for this recommendation is not implemented in Linux. > > Any reason why it was not addressed? > > Nobody cared ? > > Are you planning to send a patch ? > By the way, if the attacker replaces the RST bit by FIN bit, how are we going to deal with the problem ? Also many middleboxes will drop the challenge ACK... -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists