lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAB=W+onFe1LW2K8=2+U58TatrD6U_NqKV+B4G9N6jUo8WkD_hg@mail.gmail.com>
Date:   Thu, 4 Apr 2019 18:18:30 -0600
From:   Captain Wiggum <captwiggum@...il.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Florian Westphal <fw@...len.de>,
        Eric Dumazet <edumazet@...gle.com>,
        Peter Oskolkov <posk@...gle.com>, netdev@...r.kernel.org,
        stable@...r.kernel.org
Subject: [PATCH net] ipv6: un-do: defrag: drop non-last frags smaller than min mtu

Hi Greg,

A previous bad patch breaks 18 test cases for IPv6 fragment headers.
This has already been un-done in upstream, but not in any of the LTS.
However two upstream patches are first needed to cover a DoS vulnerability.

For background, there are two mail threads in [netdev] on this subject:
1) Subject: TAHI testing fails for IPv6 Fragments in Kernel 4.9 (from
captwiggum)
2) Subject: Please merge IPv6 fix for drop fragment smaller than MTU
(from captwiggum)

Two patches from upstream needed first to cover the DoS:

commit d4289fcc9b16b89619ee1c54f829e05e56de8b9a
net: IP6 defrag: use rbtrees for IPv6 defrag

commit 997dd96471641e147cb2c33ad54284000d0f5e35
net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c

One undo-patch to fix the IPv6 fragment headers:

ipv6: defrag: drop non-last frags smaller than min mtu
UN-DO: commit a8444b1ccb20339774af58e40ad42296074fb484

Thanks!

--John Masinter (captwiggum)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ