Bug#305664: marked as done (CAN-2004-0790: TCP connection DoS through ICMP_QUENCH messages)
Your message dated Thu, 6 Oct 2005 13:34:50 +0900
with message-id <20051006043450.GA19067@verge.net.au>
and subject line #305664: CAN-2004-0790: TCP connection DoS through ICMP_QUENCH messages
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 21 Apr 2005 08:45:46 +0000
>From muehlenhoff@univention.de Thu Apr 21 01:45:46 2005
Return-path: <muehlenhoff@univention.de>
Received: from moutng.kundenserver.de [212.227.126.184]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DOXJi-0002So-00; Thu, 21 Apr 2005 01:45:46 -0700
Received: from [212.227.126.205] (helo=mrelayng.kundenserver.de)
by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
id 1DOWwl-0000UJ-00
for submit@bugs.debian.org; Thu, 21 Apr 2005 10:22:03 +0200
Received: from [195.90.9.8] (helo=anton)
by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1)
id 1DOWwl-00063a-00
for submit@bugs.debian.org; Thu, 21 Apr 2005 10:22:03 +0200
Received: by anton (Postfix, from userid 2028)
id 0CAE0B6EC9; Thu, 21 Apr 2005 10:22:03 +0200 (CEST)
Content-Type: multipart/mixed; boundary="===============0440626745=="
MIME-Version: 1.0
From: Moritz Muehlenhoff <muehlenhoff@univention.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CAN-2004-0790: TCP connection DoS through ICMP_QUENCH messages
X-Mailer: reportbug 2.26.1.1.200308291454
Date: Thu, 21 Apr 2005 10:22:02 +0200
Message-Id: <20050421082203.0CAE0B6EC9@anton>
X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:4ad79d65ac46f2345c6ef2e856c1d9ef
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
This is a multi-part MIME message sent by reportbug.
--===============0440626745==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Package: kernel-source-2.6.8.
Version: 2.6.8-15 (not installed)
Severity: important
Tags: security patch
http://www.gont.com.ar/drafts/draft-gont-tcpm-icmp-attacks-03.txt describes
several attacks on TCP through ICMP. One of the described problems affects
kernel 2.6 as well. Patch is attached (it's the upstream patch from Dave
S. Miller from 2.6.9), it applies to 2.6 and 2.4.
Cheers,
Moritz
-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro
--===============0440626745==
Content-Type: text/x-c; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="/home/jmm/CAN-2004-0790.patch"
diff -Naru a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
--- a/net/ipv4/tcp_ipv4.c 2005-04-21 01:04:30 -07:00
+++ b/net/ipv4/tcp_ipv4.c 2005-04-21 01:04:30 -07:00
@@ -1025,11 +1025,7 @@
switch (type) {
case ICMP_SOURCE_QUENCH:
- /* This is deprecated, but if someone generated it,
- * we have no reasons to ignore it.
- */
- if (sk->lock.users == 0)
- tcp_enter_cwr(tp);
+ /* Just silently ignore these. */
goto out;
case ICMP_PARAMETERPROB:
err = EPROTO;
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/09/13 15:57:49-07:00 davem@nuts.davemloft.net
# [TCP]: Just silently ignore ICMP Source Quench messages.
#
# Recommended by draft-gont-tcpm-icmp-attacks-01.txt
#
# Signed-off-by: David S. Miller <davem@davemloft.net>
#
# net/ipv4/tcp_ipv4.c
# 2004/09/13 15:57:37-07:00 davem@nuts.davemloft.net +1 -5
# [TCP]: Just silently ignore ICMP Source Quench messages.
#
--===============0440626745==--
---------------------------------------
Received: (at 305664-done) by bugs.debian.org; 6 Oct 2005 05:11:26 +0000
>From horms@koto.vergenet.net Wed Oct 05 22:11:26 2005
Return-path: <horms@koto.vergenet.net>
Received: from koto.vergenet.net [210.128.90.7]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1ENO2Q-0004Cc-00; Wed, 05 Oct 2005 22:11:26 -0700
Received: by koto.vergenet.net (Postfix, from userid 7100)
id 8A43734028; Thu, 6 Oct 2005 14:10:54 +0900 (JST)
Date: Thu, 6 Oct 2005 13:34:50 +0900
From: Horms <horms@debian.org>
To: 305664-done@bugs.debian.org
Subject: #305664: CAN-2004-0790: TCP connection DoS through ICMP_QUENCH messages
Message-ID: <20051006043450.GA19067@verge.net.au>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Cluestick: seven
User-Agent: Mutt/1.5.11
Delivered-To: 305664-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
Fixed in 2.6.8-16
--
Horms
Reply to: