FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 07-11-2012, 09:30 PM
Brad Figg
 
Default Applied: netfilter: nf_conntrack_reasm: properly handle packets fragmented into a single fragment

On 07/11/2012 01:38 PM, Brad Figg wrote:
> CVE-2012-2744
>
> BugLink: http://bugs.launchpad.net/bugs/1234567
>
> When an ICMPV6_PKT_TOOBIG message is received with a MTU below 1280,
> all further packets include a fragment header.
>
> Unlike regular defragmentation, conntrack also needs to "reassemble"
> those fragments in order to obtain a packet without the fragment
> header for connection tracking. Currently nf_conntrack_reasm checks
> whether a fragment has either IP6_MF set or an offset != 0, which
> makes it ignore those fragments.
>
> Remove the invalid check and make reassembly handle fragment queues
> containing only a single fragment.
>
> Patrick McHardy (1):
> netfilter: nf_conntrack_reasm: properly handle packets fragmented
> into a single fragment
>
> .../src/net/ipv6/netfilter/nf_conntrack_reasm.c | 8 +-------
> .../src/net/ipv6/netfilter/nf_conntrack_reasm.c | 8 +-------
> net/ipv6/netfilter/nf_conntrack_reasm.c | 8 +-------
> 3 files changed, 3 insertions(+), 21 deletions(-)
>


--
Brad Figg brad.figg@canonical.com http://www.canonical.com



--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 09:28 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org