[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#305655: CAN-2004-0790: TCP connection DoS through ICMP_QUENCH messages



Package: kernel-source-2.4.27
Version: 2.4.27-9 (not installed)
Severity: important
Tags: security patch

http://www.gont.com.ar/drafts/draft-gont-tcpm-icmp-attacks-03.txt describes
several attacks on TCP through ICMP. One of the described problems affects
kernel 2.4 as well. Patch is attached (it's the upstream patch from Dave
S. Miller), it applies to 2.6 and 2.4.

Cheers,
        Moritz

-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro

diff -Naru a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
--- a/net/ipv4/tcp_ipv4.c	2005-04-21 01:04:30 -07:00
+++ b/net/ipv4/tcp_ipv4.c	2005-04-21 01:04:30 -07:00
@@ -1025,11 +1025,7 @@
 
 	switch (type) {
 	case ICMP_SOURCE_QUENCH:
-		/* This is deprecated, but if someone generated it,
-		 * we have no reasons to ignore it.
-		 */
-		if (sk->lock.users == 0)
-			tcp_enter_cwr(tp);
+		/* Just silently ignore these. */
 		goto out;
 	case ICMP_PARAMETERPROB:
 		err = EPROTO;
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
#   2004/09/13 15:57:49-07:00 davem@nuts.davemloft.net 
#   [TCP]: Just silently ignore ICMP Source Quench messages.
#   
#   Recommended by draft-gont-tcpm-icmp-attacks-01.txt
#   
#   Signed-off-by: David S. Miller <davem@davemloft.net>
# 
# net/ipv4/tcp_ipv4.c
#   2004/09/13 15:57:37-07:00 davem@nuts.davemloft.net +1 -5
#   [TCP]: Just silently ignore ICMP Source Quench messages.
# 

Reply to: