| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAM_iQpUq3EUu8GWsqbm_j9NonMGuWy0Qfimq1But9WrPsK8rbA@mail.gmail.com> Date: Mon, 21 Oct 2013 20:02:23 -0700 From: Cong Wang <xiyou.wangcong@...il.com> To: Linus Lüssing <linus.luessing@....de> Cc: Linux Kernel Network Developers <netdev@...r.kernel.org>, bridge@...ts.linux-foundation.org, Stephen Hemminger <stephen@...workplumber.org>, "David S. Miller" <davem@...emloft.net>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] Revert "bridge: only expire the mdb entry when query is received" On Sat, Oct 19, 2013 at 3:58 PM, Linus Lüssing <linus.luessing@....de> wrote: > While this commit was a good attempt to fix issues occuring when no > multicast querier is present, this commit still has two more issues: > > 1) There are cases where mdb entries do not expire even if there is a > querier present. The bridge will unnecessarily continue flooding > multicast packets on the according ports. > > 2) Never removing an mdb entry could be exploited for a Denial of > Service by an attacker on the local link, slowly, but steadily eating up > all memory. > I raised the first issue too when I sent the patch, but Herbert said it is not a problem. So, I will leave this to Herbert to decide. For me, your patch makes sense. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists