oss-sec mailing list archives

Re: CVE Request -- kernel: tcp: drop SYN+FIN messages

From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 30 May 2012 20:25:23 +0200

* John Haxby:

Recently we have a couple of queries relating to a Nessus "TCP/IP
SYN+FIN Packet Filtering Weakness".   This has not been helped by the
fact that [1] actually points (indrectly) to CVE-2002-2438 which is
actually a SYN+RST problem.


Reading the discussion here,

  <http://comments.gmane.org/gmane.linux.network/213981>

it seems to me that this is just a performance optimization which
could be bypassed by using different flags, so I don't think there's a
vulnerability or fix here, except the general lack of source IP
address validation in IP networks.

Current thread:

CVE Request -- kernel: tcp: drop SYN+FIN messages John Haxby (May 30)
- Re: CVE Request -- kernel: tcp: drop SYN+FIN messages John Haxby (May 30)
- Re: CVE Request -- kernel: tcp: drop SYN+FIN messages Florian Weimer (May 30)
  - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages John Haxby (May 30)
    - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages Kurt Seifried (May 30)
    - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages Kurt Seifried (May 30)
- Re: CVE Request -- kernel: tcp: drop SYN+FIN messages Kurt Seifried (May 30)
  - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages Kurt Seifried (May 31)
    - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages John Haxby (Jun 01)
    - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages Kurt Seifried (Jun 01)
    - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages John Haxby (Jun 01)
    - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages Kurt Seifried (Jun 01)
    - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages John Haxby (Jun 07)

(Thread continues...)