[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#559107: weaknesses in BSD PRNG algorithms

severity 559107 important

But the status of CVE-2008-114[678] is still open. Do they affect the
KFreeBSD port? What's the position of the FreeBSD kernel developers on
these issues?

I used as description this


The GNU/kFreeBSD (kfreebsd-?) is not affected by CVE-2008-1146 and CVE-2008-1148 at all.

For CVE-2008-1147 holds:

  Exploitations of the predictability of the IP fragmentation ID were made
  public almost a decade ago.
  NetBSD, FreeBSD and DragonFlyBSD do not randomize IP fragmentation ID
  field at all by default, and provide a kernel flag
  (net.inet.ip.random_id) that enables randomization through the weak algorithm.

The weak algorithm have been replaced by upstream commit (Feb 6 2008)

  Replace the random IP ID generation code we
  obtained from OpenBSD with an algorithm suggested
  by Amit Klein.  The OpenBSD algorithm has a few
  flaws; see Amit's paper for more information.

  For a description of how this algorithm works,
  please see the comments within the code.

  Note that this commit does not yet enable random IP ID
  generation by default.  There are still some concerns
  that doing so will adversely affect performance.

This commit have not been MFC-ed to STABLE-7.
The default value for net.inet.ip.random_id is 0 even in HEAD,

The FreeBSD developers/security_team did publish no "security advisory", no "errata notice", they did not include it in next release (7.1 - January 2009).


Reply to: