Actions
Security #6668
closed
JI
JI
Security #6493: ip defrag: several issues with overlap handling
ip defrag: final overlapping packet can lead to "hole" in re-assembled data
Security #6668:
ip defrag: final overlapping packet can lead to "hole" in re-assembled data
Git IDs:
d0fd0782505d837e691ceef1b801776f0db82726
Severity:
MODERATE
Disclosure Date:
Description
This is covered in test: bsd/peos/test_361
Given a packet that covers regions M-N and has MF set to 0, but there is a still a hole before region M. Then another packet comes in and covers (M-1)-N, we could have a hole in the re-assembled as the packet received first comes first in the iteration of packets to be re-assembled, and we break on the MF flag being 0.
Instead we should iterate one more time, as the following packet may fill in the hole.
JI Updated by Jason Ish over 2 years ago
- Assignee changed from OISF Dev to Jason Ish
- Target version changed from TBD to 8.0.0-beta1
OT Updated by OISF Ticketbot over 2 years ago
- Subtask #6671 added
OT Updated by OISF Ticketbot over 2 years ago
- Label deleted (
Needs backport to 6.0)
OT Updated by OISF Ticketbot over 2 years ago
- Subtask #6673 added
OT Updated by OISF Ticketbot over 2 years ago
- Label deleted (
Needs backport to 7.0)
JI Updated by Jason Ish about 2 years ago
- Status changed from New to In Review
VJ Updated by Victor Julien almost 2 years ago
- CVE set to 2024-32867
VJ Updated by Victor Julien almost 2 years ago
- Status changed from In Review to Closed
- Git IDs updated (diff)
VJ Updated by Victor Julien almost 2 years ago
- Private changed from Yes to No
Actions