oss-sec mailing list archives
Re: CVE request: kernel: ipv6: make fragment identifications less predictable
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 20 Jul 2011 13:27:13 +0530
On 07/20/2011 12:42 PM, Eugene Teo wrote:
IPv6 fragment identification generation is way beyond what we use for IPv4 : It uses a single generator. Its not scalable and allows DoS attacks. Now inetpeer is IPv6 aware, we can use it to provide a more secure and scalable frag ident generator (per destination, instead of system wide) This patch : 1) defines a new secure_ipv6_id() helper 2) extends inet_getid() to provide 32bit results 3) extends ipv6_select_ident() with a new dest parameter http://thread.gmane.org/gmane.linux.network/201773/focus=201776 https://bugzilla.redhat.com/show_bug.cgi?id=723429 Thanks, Eugene
Please use CVE-2011-2699 -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- CVE request: kernel: ipv6: make fragment identifications less predictable Eugene Teo (Jul 20)
- Re: CVE request: kernel: ipv6: make fragment identifications less predictable Huzaifa Sidhpurwala (Jul 20)