TCP reassembly CPU hog - does it need to be fixed? (FreeBSD CVE-2018-6922)

To: tech-net%netbsd.org@localhost
Subject: TCP reassembly CPU hog - does it need to be fixed? (FreeBSD CVE-2018-6922)
From: Jaromír Doleček <jaromir.dolecek%gmail.com@localhost>
Date: Thu, 9 Aug 2018 20:27:54 +0200

Hi,

is this problem something we'd need to address in our code too?

https://www.theregister.co.uk/2018/08/08/freebsd_tcp_queue_vulnerability/

FreeBSD advisory:
https://www.freebsd.org/security/advisories/FreeBSD-SA-18:08.tcp.asc

Brief look on our code reveals we use a queue too, seemingly without
apparent limits besides available memory.

FreeBSD fix was simply limit the queue to 100 packets by default.

Jaromir

Follow-Ups:
- Re: TCP reassembly CPU hog - does it need to be fixed? (FreeBSD CVE-2018-6922)
  - From: Maxime Villard

Prev by Date: Re: Time to retire some ancient network pseudo-interfaces?
Next by Date: Re: TCP reassembly CPU hog - does it need to be fixed? (FreeBSD CVE-2018-6922)
Previous by Thread: Bug in urtwn_llt_init()?
Next by Thread: Re: TCP reassembly CPU hog - does it need to be fixed? (FreeBSD CVE-2018-6922)
Indexes:

Home | Main Index | Thread Index | Old Index