* Fw: [Bug 206943] New: Forcing IP fragmentation on TCP segments maliciously
@ 2020-03-25 15:26 Stephen Hemminger
2020-03-25 15:58 ` Eric Dumazet
0 siblings, 1 reply; 2+ messages in thread
From: Stephen Hemminger @ 2020-03-25 15:26 UTC (permalink / raw)
To: netdev
Begin forwarded message:
Date: Wed, 25 Mar 2020 08:37:58 +0000
From: bugzilla-daemon@bugzilla.kernel.org
To: stephen@networkplumber.org
Subject: [Bug 206943] New: Forcing IP fragmentation on TCP segments maliciously
https://bugzilla.kernel.org/show_bug.cgi?id=206943
Bug ID: 206943
Summary: Forcing IP fragmentation on TCP segments maliciously
Product: Networking
Version: 2.5
Kernel Version: version 3.9
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: high
Priority: P1
Component: IPV4
Assignee: stephen@networkplumber.org
Reporter: fengxw18@mails.tsinghua.edu.cn
Regression: No
A forged ICMP "Fragmentation Needed" message embedded with an echo reply data
can be used to defer the feedback of path MTU, thus tricking a Linux-based host
(version 3.9 and higher) into fragmenting TCP segments, even if the host
performs Path MTU discovery (PMTUD). Hence, an off-path attacker can poison the
TCP data via IP fragmentation.
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: Fw: [Bug 206943] New: Forcing IP fragmentation on TCP segments maliciously
2020-03-25 15:26 Fw: [Bug 206943] New: Forcing IP fragmentation on TCP segments maliciously Stephen Hemminger
@ 2020-03-25 15:58 ` Eric Dumazet
0 siblings, 0 replies; 2+ messages in thread
From: Eric Dumazet @ 2020-03-25 15:58 UTC (permalink / raw)
To: Stephen Hemminger, netdev, fengxw18
On 3/25/20 8:26 AM, Stephen Hemminger wrote:
>
>
> Begin forwarded message:
>
> Date: Wed, 25 Mar 2020 08:37:58 +0000
> From: bugzilla-daemon@bugzilla.kernel.org
> To: stephen@networkplumber.org
> Subject: [Bug 206943] New: Forcing IP fragmentation on TCP segments maliciously
>
>
> https://bugzilla.kernel.org/show_bug.cgi?id=206943
>
> Bug ID: 206943
> Summary: Forcing IP fragmentation on TCP segments maliciously
> Product: Networking
> Version: 2.5
> Kernel Version: version 3.9
> Hardware: All
> OS: Linux
> Tree: Mainline
> Status: NEW
> Severity: high
> Priority: P1
> Component: IPV4
> Assignee: stephen@networkplumber.org
> Reporter: fengxw18@mails.tsinghua.edu.cn
> Regression: No
>
> A forged ICMP "Fragmentation Needed" message embedded with an echo reply data
> can be used to defer the feedback of path MTU, thus tricking a Linux-based host
> (version 3.9 and higher) into fragmenting TCP segments, even if the host
> performs Path MTU discovery (PMTUD). Hence, an off-path attacker can poison the
> TCP data via IP fragmentation.
Usually, researchers finding stuff like that start a private communication
with involved parties.
Please send us the thesis or the details so that we can assess if the bug is critical
or not, considering the troubled time we live.
Thanks.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-03-25 15:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-03-25 15:26 Fw: [Bug 206943] New: Forcing IP fragmentation on TCP segments maliciously Stephen Hemminger
2020-03-25 15:58 ` Eric Dumazet
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).