Project

General

Profile

Bug #41028

Patch FreeBSD CVE-2018-6922 "Resource exhaustion in TCP reassembly"

Added by Alexander Motin 11 months ago. Updated 10 months ago.

Status:
Done
Priority:
No priority
Assignee:
Alexander Motin
Category:
OS
Target version:
Seen in:
Severity:
Medium
Reason for Closing:
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

FreeBSD announced issue, that may be used as a method for DoS attack via specifically crafted TCP connection: https://www.freebsd.org/security/advisories/FreeBSD-SA-18:08.tcp.asc

No data leak or corruption, only excessive CPU usage.


Related issues

Related to FreeNAS - Bug #43558: Relax the TCP reassembly queue length limit to improve performanceDone

Associated revisions

Revision 80859128 (diff)
Added by Dru Lavigne 10 months ago

Mention patches for recent vulnerabilities.
Ticket: #41028
Ticket: #41385
Ticket: #41772

History

#1 Updated by Alexander Motin 11 months ago

  • Description updated (diff)
  • Status changed from Unscreened to Ready for Testing

#2 Updated by Dru Lavigne 11 months ago

  • Needs Merging changed from Yes to No

#3 Updated by Dru Lavigne 11 months ago

  • Target version changed from 11.2-BETA3 to 11.1-U6

#4 Updated by Dru Lavigne 11 months ago

  • Status changed from Ready for Testing to In Progress
  • Needs Merging changed from No to Yes

#5 Updated by Dru Lavigne 11 months ago

  • Status changed from In Progress to Ready for Testing
  • Needs Merging changed from Yes to No

#6 Updated by Alexander Motin 11 months ago

#7 Updated by Alexander Motin 11 months ago

The only thing can be tested there easily is presence of net.inet.tcp.reass.maxqueuelen sysctl.

#8 Updated by Bonnie Follweiler 11 months ago

  • Status changed from Ready for Testing to Passed Testing
  • Needs QA changed from Yes to No

Test Passed in FreeNAS 11.1-U6 Internal3

#10 Updated by Dru Lavigne 10 months ago

  • Status changed from Passed Testing to Done
  • Needs Doc changed from Yes to No

#11 Updated by Alexander Motin 10 months ago

  • Related to Bug #43558: Relax the TCP reassembly queue length limit to improve performance added

Also available in: Atom PDF