Re: IPv6 DoS

To: tech-net%netbsd.org@localhost
Subject: Re: IPv6 DoS
From: christos%astron.com@localhost (Christos Zoulas)
Date: Wed, 21 Aug 2013 13:35:18 +0000 (UTC)

In article <20130820194305.GA1348%mx.elandsys.com@localhost>,
Loganaden Velvindron  <logan%elandsys.com@localhost> wrote:
>Hi all,
>
>i saw this vulnerability that was MFC'ed in OpenBSD:
>
> 005: RELIABILITY FIX: May 31, 2013   All architectures
>A local denial of service is possible by an unprivileged user if 
>the SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a 
>specially crafted parameter. 
>
>Going through the netbsd in6.c code, it looks like netbsd is vulnerable
>as well.
>

The patch is not needed, we fixed that 7 years ago:

1.105        (christos 03-Jun-06):       * XXX: Fix me, once we fix SIOCSIFADDR,
SIOCIFDSTADDR, etc.
1.104        (christos 03-Jun-06):       */
1.104        (christos 03-Jun-06):      case SIOCSIFADDR:
1.105        (christos 03-Jun-06):      case SIOCSIFDSTADDR:
1.129        (cube     27-May-07): #ifdef SIOCSIFCONF_X25
1.106        (christos 03-Jun-06):      case SIOCSIFCONF_X25:
1.110        (matt     25-Aug-06): #endif
1.104        (christos 03-Jun-06):              return EOPNOTSUPP;

You might as well tell OpenBSD that SIOCSIFDSTADDR is problematic too ;-)

christos

References:
- IPv6 DoS
  - From: Loganaden Velvindron

Prev by Date: Re: SOLVED: Multicast problems with bridge(4) ports
Next by Date: Re: BPF_MISC+BPF_COP and BPF_COPX (summary and patch)
Previous by Thread: IPv6 DoS
Indexes:

Home | Main Index | Thread Index | Old Index