oss-sec mailing list archives
Re: TCP Fast Open local DoS in some Linux stable branches
From: Ben Hutchings <ben () decadent org uk>
Date: Wed, 15 Apr 2015 18:55:01 +0100
On Tue, 2015-04-14 at 21:24 +0100, Ben Hutchings wrote:
There is a local DoS triggered by use of the TCP Fast Open option, specific to Linux stable branches, as a result of an incompletely backported bug fix: https://bugs.debian.org/782515 http://thread.gmane.org/gmane.linux.network/359588 The 3.16.7-ckt stable branch is definitely affected, and I believe but haven't tested that the 3.10, 3.12, 3.13.11-ckt and 3.14 branches are also affected. Please assign a CVE ID for this.
As mitigation, TCP Fast Open can be disabled by setting sysctl net.ipv4.tcp_fastopen=0. It was disabled by default before Linux 3.13. Ben. -- Ben Hutchings Editing code like this is akin to sticking plasters on the bleeding stump of a severed limb. - me, 29 June 1999
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- TCP Fast Open local DoS in some Linux stable branches Ben Hutchings (Apr 14)
- Re: TCP Fast Open local DoS in some Linux stable branches Ben Hutchings (Apr 15)
- Re: TCP Fast Open local DoS in some Linux stable branches - Linux kernel cve-assign (Apr 17)