oss-sec mailing list archives
Re: CVE Request : IPv6 Hop limit lowering via RA messages
From: Dan McDonald <danmcd () omniti com>
Date: Thu, 2 Apr 2015 19:55:19 -0400
On Apr 2, 2015, at 1:19 PM, D.S. Ljungmark <ljungmark () modio se> wrote: An unprivileged user on a local network can use IPv6 Neighbour Discovery ICMP to broadcast a non-route with a low hop limit, this causing machines to lower the hop limit on existing IPv6 routes.
This low-hop-limit problem does not affect Illumos, but we added detection of the problem into our IPv6 NDP daemon:
https://marc.info/?l=illumos-developer&m=142748230615203&w=2
I can't speak to our cousins in Oracle Solaris, though.
FYI,
Dan McDonald - OmniOS Engineering
Current thread:
- CVE Request : IPv6 Hop limit lowering via RA messages D.S. Ljungmark (Apr 02)
- Re: CVE Request : IPv6 Hop limit lowering via RA messages Dan McDonald (Apr 02)
- Fwd: CVE Request : IPv6 Hop limit lowering via RA messages Eitan Adler (Apr 02)
- Re: CVE Request : IPv6 Hop limit lowering via RA messages Jim Thompson (Apr 03)
- Re: CVE Request : IPv6 Hop limit lowering via RA messages D.S. Ljungmark (Apr 03)
- Re: CVE Request : IPv6 Hop limit lowering via RA messages Loganaden Velvindron (Apr 03)
- Re: CVE Request : IPv6 Hop limit lowering via RA messages Jim Thompson (Apr 03)
- Re: CVE Request : IPv6 Hop limit lowering via RA messages cve-assign (Apr 04)
- Re: Re: CVE Request : IPv6 Hop limit lowering via RA messages Marcus Meissner (Apr 06)