path: root/active/CVE-2023-2156
blob: e928be991efc50f84613ed453391c6385b20b466
Description: Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability
References:
 https://www.zerodayinitiative.com/advisories/ZDI-23-547/
 https://bugzilla.redhat.com/show_bug.cgi?id=2196292#c1
 https://www.interruptlabs.co.uk//articles/linux-ipv6-route-of-death
Notes:
 carnil> From ZDI advisory: "Mitigation: Given the nature of the
 carnil> vulnerability, the only salient mitigation strategy is to
 carnil> restrict interaction with the application." Upstream related
 carnil> commit is 4e006c7a6dac ("net: rpl: fix rpl header size
 carnil> calculation").
 carnil> Exploiting the issue requires rpl_seg_enabled to be enabled
 carnil> (net.ipv6.conf.*.rpl_seg_enabled=1)
Bugs:
upstream: needed
6.1-upstream-stable: needed
5.10-upstream-stable: needed
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: needed
5.10-bullseye-security: needed
4.19-buster-security: N/A "Vulnerable code not present"