[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <b0505775-913f-79d2-fac8-d81184233a05@gmail.com>
Date: Wed, 25 Mar 2020 08:58:02 -0700
From: Eric Dumazet <eric.dumazet@...il.com>
To: Stephen Hemminger <stephen@...workplumber.org>,
netdev@...r.kernel.org, fengxw18@...ls.tsinghua.edu.cn
Subject: Re: Fw: [Bug 206943] New: Forcing IP fragmentation on TCP segments
maliciously
On 3/25/20 8:26 AM, Stephen Hemminger wrote:
>
>
> Begin forwarded message:
>
> Date: Wed, 25 Mar 2020 08:37:58 +0000
> From: bugzilla-daemon@...zilla.kernel.org
> To: stephen@...workplumber.org
> Subject: [Bug 206943] New: Forcing IP fragmentation on TCP segments maliciously
>
>
> https://bugzilla.kernel.org/show_bug.cgi?id=206943
>
> Bug ID: 206943
> Summary: Forcing IP fragmentation on TCP segments maliciously
> Product: Networking
> Version: 2.5
> Kernel Version: version 3.9
> Hardware: All
> OS: Linux
> Tree: Mainline
> Status: NEW
> Severity: high
> Priority: P1
> Component: IPV4
> Assignee: stephen@...workplumber.org
> Reporter: fengxw18@...ls.tsinghua.edu.cn
> Regression: No
>
> A forged ICMP "Fragmentation Needed" message embedded with an echo reply data
> can be used to defer the feedback of path MTU, thus tricking a Linux-based host
> (version 3.9 and higher) into fragmenting TCP segments, even if the host
> performs Path MTU discovery (PMTUD). Hence, an off-path attacker can poison the
> TCP data via IP fragmentation.
Usually, researchers finding stuff like that start a private communication
with involved parties.
Please send us the thesis or the details so that we can assess if the bug is critical
or not, considering the troubled time we live.
Thanks.
Powered by blists - more mailing lists