Project

General

Profile

Actions

Security #6493

closed

ip defrag: several issues with overlap handling

Added by Victor Julien over 1 year ago. Updated about 13 hours ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
MODERATE
Disclosure Date:
02/06/2024

Description

Tracking issue for report highlighting several issues in ip-defrag. Please create sub-tickets for the individual issues.

Severity TBD at this point.


Subtasks 9 (0 open9 closed)

Security #6668: ip defrag: final overlapping packet can lead to "hole" in re-assembled dataClosedJason IshActions
Security #6671: ip defrag: final overlapping packet can lead to "hole" in re-assembled data (6.0.x backport)ClosedJason IshActions
Security #6673: ip defrag: final overlapping packet can lead to "hole" in re-assembled data (7.0.x backport)ClosedJason IshActions
Security #6669: ip defrag: re-assembly error in bsd policyClosedJason IshActions
Security #6670: ip defrag: re-assembly error in bsd policy (6.0.x backport)ClosedJason IshActions
Security #6672: ip defrag: re-assembly error in bsd policy (7.0.x backport)ClosedJason IshActions
Security #6675: ip-defrag: packet can be considered complete even with holesClosedJason IshActions
Security #6676: ip-defrag: packet can be considered complete even with holes (6.0.x backport)ClosedJason IshActions
Security #6677: ip-defrag: packet can be considered complete even with holes (7.0.x backport)ClosedJason IshActions
Actions #1

Updated by OISF Ticketbot over 1 year ago

  • Subtask #6494 added
Actions #2

Updated by OISF Ticketbot over 1 year ago

  • Label deleted (Needs backport to 6.0)
Actions #3

Updated by Victor Julien over 1 year ago

  • Target version changed from 7.0.3 to 8.0.0-beta1
  • Label Needs backport to 7.0 added
Actions #4

Updated by OISF Ticketbot over 1 year ago

  • Subtask #6518 added
Actions #5

Updated by OISF Ticketbot over 1 year ago

  • Label deleted (Needs backport to 7.0)
Actions #6

Updated by Victor Julien over 1 year ago

  • Disclosure Date set to 02/06/2024
Actions #7

Updated by Victor Julien over 1 year ago

Severity MODERATE as it depends on host-os-policy that most ppl don't touch. Setups using AF_PACKET generally use defrag handling by the Linux kernel.

Actions #8

Updated by Jason Ish over 1 year ago

  • Subtask #6668 added
Actions #9

Updated by Jason Ish over 1 year ago

  • Subtask #6669 added
Actions #10

Updated by Jason Ish over 1 year ago

  • Subtask #6675 added
Actions #11

Updated by Jason Ish about 1 year ago

  • Subtask deleted (#6518)
Actions #12

Updated by Jason Ish about 1 year ago

  • Subtask deleted (#6494)
Actions #13

Updated by Jason Ish 7 months ago

  • Status changed from Assigned to Closed

Closing, all sub-tasks completed. New issues can get a new ticket.

Actions #14

Updated by Juliana Fajardini Reichow about 13 hours ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF