d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys/netinet6
History
jtl 55789af7ee Drop 0-byte IPv6 fragments. 
Currently, we process IPv6 fragments with 0 bytes of payload, add them
to the reassembly queue, and do not recognize them as duplicating or
overlapping with adjacent 0-byte fragments. An attacker can exploit this
to create long fragment queues.

There is no legitimate reason for a fragment with no payload. However,
because IPv6 packets with an empty payload are acceptable, allow an
"atomic" fragment with no payload.

Reviewed by:	jhb
Security:	FreeBSD-SA-18:10.ip
Security:	CVE-2018-6923
2018-08-14 17:29:22 +00:00
..
dest6.c
Remove some unneccessary variable sets in IPv6 code, as detected by
2018-03-24 12:43:34 +00:00
frag6.c
Drop 0-byte IPv6 fragments.
2018-08-14 17:29:22 +00:00
icmp6.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
icmp6.h
in6_cksum.c
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
in6_fib.c
Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9).
2018-06-16 08:26:23 +00:00
in6_fib.h
Renumber copyright clause 4
2017-02-28 23:42:47 +00:00
in6_gif.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
in6_ifattach.c
Remove stale comment. in6_ifdetach() can be called from places
2018-06-14 09:29:39 +00:00
in6_ifattach.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
in6_jail.c
Move most of the contents of opt_compat.h to opt_global.h.
2018-04-06 17:35:35 +00:00
in6_mcast.c
[ppc] Fix kernel panic when using BOOTP_NFSROOT
2018-08-09 14:04:51 +00:00
in6_pcb.c
in6_pcblookup_hash: validate inp for liveness
2018-07-01 01:01:59 +00:00
in6_pcb.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
in6_pcbgroup.c
sys: general adoption of SPDX licensing ID tags.
2017-11-27 15:23:17 +00:00
in6_proto.c
Implement a limit on on the number of IPv6 reassembly queues per bucket.
2018-08-14 17:27:41 +00:00
in6_rmx.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
in6_rss.c
in6_rss.h
in6_src.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
in6_var.h
CK: update consumers to use CK macros across the board
2018-05-24 23:21:23 +00:00
in6.c
Move invoking of callout_stop(&lle->lle_timer) into llentry_free().
2018-07-17 11:33:23 +00:00
in6.h
Implement a limit on on the number of IPv6 reassembly queues per bucket.
2018-08-14 17:27:41 +00:00
ip6_ecn.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
ip6_fastfwd.c
Send an ICMPv6 PacketTooBig message in case of forwading a packet which
2018-05-02 22:11:16 +00:00
ip6_forward.c
netpfil: Introduce PFIL_FWD flag
2018-03-23 16:56:44 +00:00
ip6_gre.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
ip6_id.c
Fix some typos.
2017-12-28 20:40:56 +00:00
ip6_input.c
Restore ability to send ICMP and ICMPv6 redirects.
2018-08-14 07:54:14 +00:00
ip6_mroute.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
ip6_mroute.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
ip6_output.c
acquire inp lock around ip6_pcbopt to fix IPV6_TCLASS panic
2018-07-15 00:47:06 +00:00
ip6_var.h
Implement a limit on on the number of IPv6 reassembly queues per bucket.
2018-08-14 17:27:41 +00:00
ip6.h
ip6protosw.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
ip_fw_nat64.h
Add ipfw_nat64 module that implements stateless and stateful NAT64.
2016-08-13 16:09:49 +00:00
ip_fw_nptv6.h
Add ipfw_nptv6 module that implements Network Prefix Translation for IPv6
2016-07-18 19:46:31 +00:00
mld6_var.h
Separate list manipulation locking from state change in multicast
2018-05-02 19:36:29 +00:00
mld6.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
mld6.h
sys: general adoption of SPDX licensing ID tags.
2017-11-27 15:23:17 +00:00
nd6_nbr.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
nd6_rtr.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
nd6.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
nd6.h
Do pass removing some write-only variables from the kernel.
2017-12-25 04:48:39 +00:00
pim6_var.h
Rework IP encapsulation handling code.
2018-06-05 20:51:01 +00:00
pim6.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
raw_ip6.c
epoch(9): allow preemptible epochs to compose
2018-07-04 02:47:16 +00:00
raw_ip6.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
route6.c
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
scope6_var.h
Constify argument of in6_getscope().
2018-06-05 20:54:29 +00:00
scope6.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
sctp6_usrreq.c
Use a macro to set the assoc state. I missed this in r337706.
2018-08-14 08:33:47 +00:00
sctp6_var.h
Whitespace changes due to changes in ident.
2018-07-19 20:16:33 +00:00
send.c
Use the new VNET_DEFINE_STATIC macro when we are defining static VNET
2018-07-24 16:35:52 +00:00
send.h
sys: general adoption of SPDX licensing ID tags.
2017-11-27 15:23:17 +00:00
tcp6_var.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00
udp6_usrreq.c
Add a dtrace provider for UDP-Lite.
2018-07-31 22:56:03 +00:00
udp6_var.h
sys: further adoption of SPDX licensing ID tags.
2017-11-20 19:43:44 +00:00