Re: TCP Fast Open local DoS in some Linux stable branches

[Ben Hutchings <ben () decadent org uk>]

On Tue, 2015-04-14 at 21:24 +0100, Ben Hutchings wrote:
> There is a local DoS triggered by use of the TCP Fast Open option,
> specific to Linux stable branches, as a result of an incompletely
> backported bug fix:
>
> https://bugs.debian.org/782515
> http://thread.gmane.org/gmane.linux.network/359588
>
> The 3.16.7-ckt stable branch is definitely affected, and I believe but
> haven't tested that the 3.10, 3.12, 3.13.11-ckt and 3.14 branches are
> also affected.
>
> Please assign a CVE ID for this.

As mitigation, TCP Fast Open can be disabled by setting sysctl
net.ipv4.tcp_fastopen=0.  It was disabled by default before Linux 3.13.

Ben.

-- 
Ben Hutchings
Editing code like this is akin to sticking plasters on the bleeding stump
of a severed limb. - me, 29 June 1999

Attachment: signature.asc
Description: This is a digitally signed message part