| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20191002215417.GB13866@breakpoint.cc>
Date: Wed, 2 Oct 2019 23:54:17 +0200
From: Florian Westphal <fw@...len.de>
To: Eric Dumazet <edumazet@...gle.com>
Cc: Florian Westphal <fw@...len.de>,
"David S . Miller" <davem@...emloft.net>,
netdev <netdev@...r.kernel.org>,
Eric Dumazet <eric.dumazet@...il.com>,
Hannes Frederic Sowa <hannes@...essinduktion.org>,
syzbot <syzkaller@...glegroups.com>
Subject: Re: [PATCH net] ipv6: drop incoming packets having a v4mapped source
address
Eric Dumazet <edumazet@...gle.com> wrote:
> > > @@ -223,6 +223,16 @@ static struct sk_buff *ip6_rcv_core(struct sk_buff *skb, struct net_device *dev,
> > > if (ipv6_addr_is_multicast(&hdr->saddr))
> > > goto err;
> > >
> > > + /* While RFC4291 is not explicit about v4mapped addresses
> > > + * in IPv6 headers, it seems clear linux dual-stack
> > > + * model can not deal properly with these.
> > > + * Security models could be fooled by ::ffff:127.0.0.1 for example.
> > > + *
> > > + * https://tools.ietf.org/html/draft-itojun-v6ops-v4mapped-harmful-02
> > > + */
> > > + if (ipv6_addr_v4mapped(&hdr->saddr))
> > > + goto err;
> > > +
> >
> > Any reason to only consider ->saddr instead of checking daddr as well?
>
> I do not see reasons the packet should be accepted for sane configurations ?
Fair enough, thanks for explaining.
Powered by blists - more mailing lists