Description: Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability
References:
 https://www.zerodayinitiative.com/advisories/ZDI-23-547/
 https://bugzilla.redhat.com/show_bug.cgi?id=2196292#c1
 https://www.interruptlabs.co.uk//articles/linux-ipv6-route-of-death
Notes:
 carnil> From ZDI advisory: "Mitigation: Given the nature of the
 carnil> vulnerability, the only salient mitigation strategy is to
 carnil> restrict interaction with the application." Upstream related
 carnil> commit is 4e006c7a6dac ("net: rpl: fix rpl header size
 carnil> calculation").
 carnil> Exploiting the issue requires rpl_seg_enabled to be enabled
 carnil> (net.ipv6.conf.*.rpl_seg_enabled=1)
 carnil> Fixed as well in 6.3.8 for 6.3.y.
Bugs:
upstream: released (6.4-rc6) [a2f4c143d76b1a47c91ef9bc46907116b111da0b]
6.1-upstream-stable: released (6.1.34) [251b5d68ac4748f210577d84f1cd5a664c54785f]
5.10-upstream-stable: released (5.10.184) [86e3981ff1bc501071100036435683c45aa70958]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.3.11-1)
6.1-bookworm-security: released (6.1.37-1)
5.10-bullseye-security: released (5.10.179-2) [bugfix/all/ipv6-rpl-Fix-Route-of-Death.patch]
4.19-buster-security: N/A "Vulnerable code not present"