oss-sec mailing list archives
CVE request --- acceptation of overlapping ipv6 fragments
From: Petr Matousek <pmatouse () redhat com>
Date: Thu, 8 Nov 2012 23:15:51 +0100
Accepting overlapping fragmented ipv6 packets can lead to Operating Systems (OS) fingerprinting, IDS/IPS insertion/evasion, firewall evasion. Do not accept such packets.

Linux kernel upstream fix:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=70789d7052239992824628db8133de08dc78e593

References:
http://tools.ietf.org/rfc/rfc5722.txt
https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf

Thanks,
--
Petr Matousek / Red Hat Security Response Team
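
The rule the message asks for (RFC 5722: discard the datagram when its fragments overlap), as an added example that is not part of the original post and is not the Linux kernel's code. `frag_queue`, `frag_add` and the sample offsets are hypothetical; treating an exact duplicate as an overlap is a simplifying assumption of this sketch.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_FRAGS 16
/* Byte range [off, off + len) of the original datagram. */
struct frag { uint32_t off, len; };

/* Hypothetical reassembly queue for one (src, dst, fragment id) tuple. */
struct frag_queue {
    struct frag f[MAX_FRAGS];  /* kept sorted by offset */
    unsigned n;
    int dropped;               /* set once an overlap was seen */
};

enum { FRAG_OK = 0, FRAG_DISCARD = -1 };
/* RFC 5722 rule: one overlapping fragment discards the whole datagram,
 * including fragments that arrive afterwards. */
int frag_add(struct frag_queue *q, uint32_t off, uint32_t len)
{
    unsigned i, pos;
    if (q->dropped || q->n == MAX_FRAGS)   /* a full queue is dropped too */
        goto discard;
    /* Insertion point: first queued fragment starting at or after off. */
    for (pos = 0; pos < q->n && q->f[pos].off < off; pos++)
        ;
    /* Predecessor ends past our start. */
    if (pos > 0 && q->f[pos - 1].off + q->f[pos - 1].len > off)
        goto discard;
    /* We end past the successor's start (covers exact duplicates). */
    if (pos < q->n && off + len > q->f[pos].off)
        goto discard;
    for (i = q->n; i > pos; i--)
        q->f[i] = q->f[i - 1];
    q->f[pos] = (struct frag){ off, len };
    q->n++;
    return FRAG_OK;
discard:
    q->n = 0;          /* forget everything collected so far */
    q->dropped = 1;    /* and refuse the rest of this datagram */
    return FRAG_DISCARD;
}

int main(void)
{
    struct frag_queue q = {0};   /* constructed sample fragments */
    int a = frag_add(&q, 0, 1280), b = frag_add(&q, 1272, 16);
    printf("first=%d overlapping=%d\n", a, b);
    return 0;
}
```

Because the reassembler never chooses between two copies of the same bytes, an IDS and the end host cannot disagree on which copy "wins", which is the ambiguity behind the insertion/evasion issue named in the message.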