05-31-2012, 10:58 PM
Brad Figg

tcp: drop SYN+FIN messages

With the current stable Linux kernel release (as well as with most of the previous
versions), blocking TCP packets with the SYN bit set and the ACK, RST and FIN
bits cleared won't prevent incoming TCP connections.


Eric Dumazet (1):
tcp: drop SYN+FIN messages

net/ipv4/tcp_input.c | 2 ++
1 file changed, 2 insertions(+)

--
1.7.9.5


--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
05-31-2012, 10:58 PM
Brad Figg

tcp: drop SYN+FIN messages

From: Eric Dumazet <eric.dumazet@gmail.com>

CVE-2012-2663

BugLink: http://bugs.launchpad.net/bugs/1007091

Denys Fedoryshchenko reported that SYN+FIN attacks were bringing his
linux machines to their limits.

Don't call conn_request() if the TCP flags include SYN flag

Reported-by: Denys Fedoryshchenko <denys@visp.net.lb>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit fdf5af0daf8019cec2396cdef8fb042d80fe71fa)
Signed-off-by: Brad Figg <brad.figg@canonical.com>
---
net/ipv4/tcp_input.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 78dd38c..0cbb440 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -5811,6 +5811,8 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
goto discard;

if (th->syn) {
+ if (th->fin)
+ goto discard;
if (icsk->icsk_af_ops->conn_request(sk, skb) < 0)
return 1;

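Review bot: The new `if (th->fin)` test inside the `if (th->syn)` branch carries no comment, and the commit message describes the condition as the SYN flag being set while the flag actually tested here is FIN. Please reword the message to say that conn_request() is skipped when FIN accompanies SYN, and add a one-line comment above the check stating that a segment with both SYN and FIN is discarded before `icsk->icsk_af_ops->conn_request(sk, skb)` is reached, so that a later reader does not take the early `goto discard` for a mistake. The drop is also silent as written; if the operator is expected to notice this traffic, say in the changelog where it would show up, or note that it will not.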
--
1.7.9.5

