Site Navigation

Date:      Thu, 2 Apr 2015 19:15:45 -0700
From:      Eitan Adler <lists@eitanadler.com>
To:        FreeBSD Security Team <secteam@freebsd.org>, "freebsd-net@freebsd.org" <net@freebsd.org>, ljungmark@modio.se,  oss-security@lists.openwall.com
Subject:   Fwd: [oss-security] CVE Request : IPv6 Hop limit lowering via RA messages
Message-ID:  <CAF6rxgk6e1rT3prS3SS4FthshnVQdSrrE%2BbB65ps6Tx30UznAA@mail.gmail.com>
In-Reply-To: <CAO0vwOXOPSGb8xWiutn%2Br%2BrXhSQc3SwC8-S2bkpRZuRAvDOyHw@mail.gmail.com>
References:  <CAO0vwOXOPSGb8xWiutn%2Br%2BrXhSQc3SwC8-S2bkpRZuRAvDOyHw@mail.gmail.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

+ FreeBSD lists since I haven't seen any relevant patches (although I
might have missed them).

---------- Forwarded message ----------
From: D.S. Ljungmark <ljungmark@modio.se>
Date: 2 April 2015 at 10:19
Subject: [oss-security] CVE Request : IPv6 Hop limit lowering via RA messages
To: oss-security@lists.openwall.com


An unprivileged user on a local network can use IPv6 Neighbour
Discovery ICMP to broadcast a non-route with a low hop limit, this
causing machines to lower the hop limit on existing IPv6 routes.

Linux Patch: http://www.spinics.net/lists/netdev/msg322361.html
Redhat bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1203712

Projects impacted:  Linux kernel,  NetworkManager, FreeBSD Kernel


Regards,
  D.S. Ljungmark


-- 
Eitan Adler

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgk6e1rT3prS3SS4FthshnVQdSrrE%2BbB65ps6Tx30UznAA>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact