blob: 288b3f5808d5bf54280d482f38734aedb5f2e69b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
Description: Weak randomisation of IP ID generation
References:
https://arxiv.org/pdf/1906.10478.pdf
Notes:
carnil> Versions older than 4.1 might need 55f0fc7a02de ("inet: update
carnil> the IP ID generation algorithm to higher standards.").
carnil> This needs clarifying on the fixing commits.
bwh> That has been applied to 3.16 but I had to revert it and backport
bwh> several more upstream changes before I could switch to siphash.
Bugs:
upstream: released (5.1-rc4) [355b98553789b646ed97ad801a619ff898471b92], released (5.2-rc1) [df453700e8d81b1bdafdf684365ee2b9431fb702]
4.19-upstream-stable: released (4.19.35) [a1c2f3229734a4bb8d5ac008c0a67e025aa11547], released (4.19.48) [07480da0c8a1979e0973d6dd783b6aed966dccf6]
4.9-upstream-stable: released (4.9.169) [6996763856e1fb27ccae260e41fd73a3fff56678], released (4.9.190) [b97a2f3d58f439d11ececb2faa21dac775d63c5c]
3.16-upstream-stable: released (3.16.72) [9ebeec41ed3f52fd94267f25f8b9bf3f4cbf1e4e]
sid: released (5.2.6-1)
4.19-buster-security: released (4.19.37-5+deb10u2) [bugfix/all/net-switch-IP-ID-generator-to-siphash.patch]
4.9-stretch-security: released (4.9.168-1+deb9u5) [bugfix/all/inet-switch-ip-id-generator-to-siphash.patch]
3.16-jessie-security: released (3.16.72-1)
|
