Date: Tue, 18 Jun 2019 08:39:55 -0700 From: Cy Schubert <Cy.Schubert@cschubert.com> To: hiren <hiren@strugglingcoder.info>, hiren via freebsd-security <freebsd-security@freebsd.org>, mike tancsa <mike@sentex.net> Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: TCP SACK (CVE-2019-5599) Message-ID: <4FEA2C68-77D2-4DE7-BCD4-9D1F9343670B@cschubert.com> In-Reply-To: <20190618145709.GI52008@strugglingcoder.info> References: <29d6e221-e88a-f828-0e5b-ac235691ed86@sentex.net> <20190618145709.GI52008@strugglingcoder.info>
next in thread | previous in thread | raw e-mail | index | archive | help
On June 18, 2019 7:57:09 AM PDT, hiren via freebsd-security <freebsd-securi= ty@freebsd=2Eorg> wrote: >On 06/18/19 at 10:33P, mike tancsa wrote: >> Hi all, >> With respect to the bugs describe in >> >https://github=2Ecom/Netflix/security-bulletins/blob/master/advisories/th= ird-party/2019-001=2Emd >> *<quote> >> SACK Slowness (FreeBSD 12 using the RACK TCP Stack) >[snip] >>=20 >> *</quote>* >>=20 >> *How does I know if this is enabled in my default kernel on RELENG_12 >? >> There is some vague mention in various forums this is not the default >on >> FreeBSD ? Can anyone shed more light as to how this does/does not >impact >> FreeBSD ? > >RACK is one of the tcp stacks ($src/sys/netinet/tcp_stacks) and not >enabled by default=2E > >So, by default, FreeBSD is not affected, afaict=2E This advisory is for >when you do use RACK=2E > >Cheers, >Hiren They post a workaround patch in their advisory=2E As RACK is their contrib= ution, I suppose one of their people who are committers might want to commi= t it=2E --=20 Pardon the typos and autocorrect, small keyboard in use=2E Cheers, Cy Schubert <Cy=2ESchubert@cschubert=2Ecom> FreeBSD UNIX: <cy@FreeBSD=2Eorg> Web: http://www=2EFreeBSD=2Eorg The need of the many outweighs the greed of the few=2E
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FEA2C68-77D2-4DE7-BCD4-9D1F9343670B>