Actions
Security #6675
closed
JI
JI
Security #6493: ip defrag: several issues with overlap handling
ip-defrag: packet can be considered complete even with holes
Security #6675:
ip-defrag: packet can be considered complete even with holes
Git IDs:
d226d0a3fce8837936e1bdfaee496c80d417e0a5
Severity:
MODERATE
Disclosure Date:
Description
The test to check if all fragments exist is flawed. It adds up the data lengths, which can cause it to be larger than the data available in case of fragments.
To fix, the length of the re-assembled packet should only be incremented to the last byte of data seen.
This is covered by test peose/bsd/173
OT Updated by OISF Ticketbot about 2 years ago
- Subtask #6676 added
OT Updated by OISF Ticketbot about 2 years ago
- Label deleted (
Needs backport to 6.0)
OT Updated by OISF Ticketbot about 2 years ago
- Subtask #6677 added
OT Updated by OISF Ticketbot about 2 years ago
- Label deleted (
Needs backport to 7.0)
JI Updated by Jason Ish about 2 years ago
- Status changed from Assigned to In Review
JI Updated by Jason Ish about 2 years ago
- Description updated (diff)
VJ Updated by Victor Julien almost 2 years ago
- CVE set to 2024-32867
VJ Updated by Victor Julien almost 2 years ago
- Status changed from In Review to Closed
- Git IDs updated (diff)
VJ Updated by Victor Julien almost 2 years ago
- Private changed from Yes to No
Actions