"5f9f192d" (history) in projects: freebsd

Project(s)

Full Search
Definition
Symbol
File Path
History
Type

Searched hist:"5 f9f192d" (Results 1 – 1 of 1) sorted by relevance

/freebsd/sys/netinet6/
H A D	frag6.c	5f9f192d Tue Aug 14 17:29:22 GMT 2018 Jonathan T. Looney <jtl@FreeBSD.org> Drop 0-byte IPv6 fragments. Currently, we process IPv6 fragments with 0 bytes of payload, add them to the reassembly queue, and do not recognize them as duplicating or overlapping with adjacent 0-byte fragments. An attacker can exploit this to create long fragment queues. There is no legitimate reason for a fragment with no payload. However, because IPv6 packets with an empty payload are acceptable, allow an "atomic" fragment with no payload. Reviewed by: jhb Security: FreeBSD-SA-18:10.ip Security: CVE-2018-6923 5f9f192d Tue Aug 14 17:29:22 GMT 2018 Jonathan T. Looney <jtl@FreeBSD.org> Drop 0-byte IPv6 fragments. Currently, we process IPv6 fragments with 0 bytes of payload, add them to the reassembly queue, and do not recognize them as duplicating or overlapping with adjacent 0-byte fragments. An attacker can exploit this to create long fragment queues. There is no legitimate reason for a fragment with no payload. However, because IPv6 packets with an empty payload are acceptable, allow an "atomic" fragment with no payload. Reviewed by: jhb Security: FreeBSD-SA-18:10.ip Security: CVE-2018-6923 5f9f192d Tue Aug 14 17:29:22 GMT 2018 Jonathan T. Looney <jtl@FreeBSD.org> Drop 0-byte IPv6 fragments. Currently, we process IPv6 fragments with 0 bytes of payload, add them to the reassembly queue, and do not recognize them as duplicating or overlapping with adjacent 0-byte fragments. An attacker can exploit this to create long fragment queues. There is no legitimate reason for a fragment with no payload. However, because IPv6 packets with an empty payload are acceptable, allow an "atomic" fragment with no payload. Reviewed by: jhb Security: FreeBSD-SA-18:10.ip Security: CVE-2018-6923 5f9f192d Tue Aug 14 17:29:22 GMT 2018 Jonathan T. Looney <jtl@FreeBSD.org> Drop 0-byte IPv6 fragments. Currently, we process IPv6 fragments with 0 bytes of payload, add them to the reassembly queue, and do not recognize them as duplicating or overlapping with adjacent 0-byte fragments. An attacker can exploit this to create long fragment queues. There is no legitimate reason for a fragment with no payload. However, because IPv6 packets with an empty payload are acceptable, allow an "atomic" fragment with no payload. Reviewed by: jhb Security: FreeBSD-SA-18:10.ip Security: CVE-2018-6923 5f9f192d Tue Aug 14 17:29:22 GMT 2018 Jonathan T. Looney <jtl@FreeBSD.org> Drop 0-byte IPv6 fragments. Currently, we process IPv6 fragments with 0 bytes of payload, add them to the reassembly queue, and do not recognize them as duplicating or overlapping with adjacent 0-byte fragments. An attacker can exploit this to create long fragment queues. There is no legitimate reason for a fragment with no payload. However, because IPv6 packets with an empty payload are acceptable, allow an "atomic" fragment with no payload. Reviewed by: jhb Security: FreeBSD-SA-18:10.ip Security: CVE-2018-6923 5f9f192d Tue Aug 14 17:29:22 GMT 2018 Jonathan T. Looney <jtl@FreeBSD.org> Drop 0-byte IPv6 fragments. Currently, we process IPv6 fragments with 0 bytes of payload, add them to the reassembly queue, and do not recognize them as duplicating or overlapping with adjacent 0-byte fragments. An attacker can exploit this to create long fragment queues. There is no legitimate reason for a fragment with no payload. However, because IPv6 packets with an empty payload are acceptable, allow an "atomic" fragment with no payload. Reviewed by: jhb Security: FreeBSD-SA-18:10.ip Security: CVE-2018-6923 5f9f192d Tue Aug 14 17:29:22 GMT 2018 Jonathan T. Looney <jtl@FreeBSD.org> Drop 0-byte IPv6 fragments. Currently, we process IPv6 fragments with 0 bytes of payload, add them to the reassembly queue, and do not recognize them as duplicating or overlapping with adjacent 0-byte fragments. An attacker can exploit this to create long fragment queues. There is no legitimate reason for a fragment with no payload. However, because IPv6 packets with an empty payload are acceptable, allow an "atomic" fragment with no payload. Reviewed by: jhb Security: FreeBSD-SA-18:10.ip Security: CVE-2018-6923