| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 08 Feb 2019 21:50:51 -0800 (PST)
From: David Miller <davem@...emloft.net>
To: lorenzo.bianconi@...hat.com
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH net] net: ipv4: use a dedicated counter for icmp_v4
redirect packets
From: Lorenzo Bianconi <lorenzo.bianconi@...hat.com>
Date: Wed, 6 Feb 2019 19:18:04 +0100
> According to the algorithm described in the comment block at the
> beginning of ip_rt_send_redirect, the host should try to send
> 'ip_rt_redirect_number' ICMP redirect packets with an exponential
> backoff and then stop sending them at all assuming that the destination
> ignores redirects.
> If the device has previously sent some ICMP error packets that are
> rate-limited (e.g TTL expired) and continues to receive traffic,
> the redirect packets will never be transmitted. This happens since
> peer->rate_tokens will be typically greater than 'ip_rt_redirect_number'
> and so it will never be reset even if the redirect silence timeout
> (ip_rt_redirect_silence) has elapsed without receiving any packet
> requiring redirects.
>
> Fix it by using a dedicated counter for the number of ICMP redirect
> packets that has been sent by the host
>
> I have not been able to identify a given commit that introduced the
> issue since ip_rt_send_redirect implements the same rate-limiting
> algorithm from commit 1da177e4c3f4 ("Linux-2.6.12-rc2")
>
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@...hat.com>
Applied and queued up for -stable, thanks.
Powered by blists - more mailing lists