Debian Bug report logs - #684072: CVE-2011-2393
Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>: Bug#684072; Package kfreebsd-9. (Mon, 06 Aug 2012 18:06:03 GMT)
Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>: New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Mon, 06 Aug 2012 18:06:03 GMT)
Message #5 received at submit@bugs.debian.org:
Package: kfreebsd-9
Severity: important
Tags: security
Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2393
I'm not sure if there's an upstream fix in the meantime?
Cheers,
Moritz
Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>: Bug#684072; Package kfreebsd-9. (Fri, 31 Aug 2012 18:48:02 GMT)
Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>: Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Fri, 31 Aug 2012 18:48:03 GMT)
Message #10 received at 684072@bugs.debian.org:
forwarded 684072 http://www.freebsd.org/cgi/query-pr.cgi?pr=158726
--
The description of the problem is:
When flooding the local network with random router advertisements,
hosts and routers update the network information, consuming all
available CPU resources, making the systems unusable and unresponsive.
It happens only if IPv6 autoconfiguration is enabled.
But we have only two choices:
a) allow autoconfiguration and trust the network to provide correct input
for autoconfiguration
b) disable autoconfiguration and configure the interface manually
Whether autoconfiguration is enabled is controlled by sysctl.
The pristine FreeBSD has autoconfiguration disabled;
our kernel has it enabled to match Linux kernel behaviour:
kfreebsd-8 (8.0-9) unstable; urgency=low
[ Aurelien Jarno ]
* Default to netinet6.ip6.v6only=0 and netinet6.ip6.accept_rtadv=1
to match the Linux kernel defaults.
-- Aurelien Jarno <aurel32@debian.org> Wed, 23 Jun 2010 21:31:54 +0200
What should we do?
Petr
Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>: Bug#684072; Package kfreebsd-9. (Fri, 31 Aug 2012 19:51:03 GMT)
Acknowledgement sent to Steven Chamberlain <steven@pyro.eu.org>: Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Fri, 31 Aug 2012 19:51:03 GMT)
Message #17 received at 684072@bugs.debian.org:
Hi Petr,
On 31/08/12 20:06, Petr Salinger wrote:
> But we have only two choices
>
> a) allow autoconfiguration and trust the network to provide correct input
> for autoconfiguration
These are only accepted link-locally, and if someone can flood the link
layer with bogus rtadv packets they could flood with anything and still
cause a DoS. What really matters, I think, is that the system doesn't
crash and that _other_ network interfaces still function.
A safe, tunable limit on how many IPs/routes can be configured through
this mechanism seems sensible.
There was a patch proposed in PR/158726, which implements a _global_
limit. But that still means bogus rtadv's received on one interface
could break autoconfiguration on another; a per-interface limit would
be the only way to avoid that.
Unless upstream decide on a good way to patch this, we could choose to
ignore the issue (as something that must be handled by the sysadmin if
the situation arises), or:
> b) disable autoconfiguration and configure interface manually
But if someone is already relying on IPv6 autoconfiguration, changing
the default could leave their system inaccessible after a kernel update.
IPv6-only networks might also depend on this feature to perform a
network install. If it is disabled by default, we ought to provide an
easy way to re-enable it.
And this wouldn't really fix anything anyway; if someone needs to
enable rtadv on their system they become vulnerable to the same issue again.
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
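The trade-off Steven describes above, a global cap on prefixes learned from router advertisements (as proposed in PR/158726) versus a per-interface cap, modelled as an added example; this is not FreeBSD code nor the PR's patch, and the interface names, prefixes and the flood threshold are constructed. It also keeps a refused-prefix counter per interface, which doubles as a simple flood signal for monitoring.

```python
from collections import defaultdict

# Constructed sample input: a burst of random prefixes advertised on xn0,
# then the single legitimate prefix the router on xn1 really advertises.
FLOOD_ON_XN0 = [("xn0", "2001:db8:bad:%x::/64" % i) for i in range(200)]
LEGIT_ON_XN1 = [("xn1", "2001:db8:1::/64")]
EVENTS = FLOOD_ON_XN0 + LEGIT_ON_XN1


class GlobalCap:
    """One budget shared by all interfaces, as in the PR/158726 proposal."""

    def __init__(self, limit):
        self.limit = limit
        self.accepted = defaultdict(list)  # ifname -> prefixes installed
        self.dropped = defaultdict(int)    # ifname -> prefixes refused

    def budget_used(self, ifname):
        return sum(len(p) for p in self.accepted.values())

    def accept(self, ifname, prefix):
        if prefix in self.accepted[ifname]:
            return True                    # refreshing a known prefix is free
        if self.budget_used(ifname) >= self.limit:
            self.dropped[ifname] += 1      # refused: budget exhausted
            return False
        self.accepted[ifname].append(prefix)
        return True


class PerInterfaceCap(GlobalCap):
    """Same logic, but the budget is counted on the receiving interface only."""

    def budget_used(self, ifname):
        return len(self.accepted[ifname])


def replay(policy, events):
    """Feed RA events through a policy; return {ifname: prefixes installed}."""
    for ifname, prefix in events:
        policy.accept(ifname, prefix)
    return {ifname: len(p) for ifname, p in policy.accepted.items()}


def flooded_interfaces(policy, threshold=50):
    """Interfaces with more than threshold refused prefixes: a cheap flood signal."""
    return sorted(i for i, n in policy.dropped.items() if n > threshold)
```

With the global cap the flood on xn0 exhausts the budget before xn1's legitimate prefix arrives, so xn1 ends up with no prefix; with the per-interface cap xn1 is unaffected and only xn0 shows up as flooded.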
Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>: Bug#684072; Package kfreebsd-9. (Fri, 07 Sep 2012 16:33:08 GMT)
Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>: Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Fri, 07 Sep 2012 16:33:08 GMT)
Message #22 received at 684072@bugs.debian.org:
On Fri, Aug 31, 2012 at 09:06:35PM +0200, Petr Salinger wrote:
> forwarded 684072 http://www.freebsd.org/cgi/query-pr.cgi?pr=158726
> --
>
> The description of the problem is:
>
> When flooding the local network with random router advertisements,
> hosts and routers update the network information, consuming all
> available CPU resources, making the systems unusable and unresponsive.
>
> It happens only iff IPv6 autoconfiguration is enabled.
> But we have only two choices
>
> a) allow autoconfiguration and trust the network to provide correct input
> for autoconfiguration
>
> b) disable autoconfiguration and configure interface manually
>
> Whether autoconfiguration is enabled is controlled by sysctl.
> The pristine FreeBSD have autoconfiguration disabled,
> our kernel have it enabled to match Linux kernel behaviour:
>
> kfreebsd-8 (8.0-9) unstable; urgency=low
>
> [ Aurelien Jarno ]
> * Default to netinet6.ip6.v6only=0 and netinet6.ip6.accept_rtadv=1
> to match the Linux kernel defaults.
>
> -- Aurelien Jarno <aurel32@debian.org> Wed, 23 Jun 2010 21:31:54 +0200
>
>
> What should we do ?
What about keeping autoconfig enabled and documenting the potential danger in
README.Debian (or somewhere similar), so that anyone concerned can disable
it locally?
Cheers,
Moritz
Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>: Bug#684072; Package kfreebsd-9. (Mon, 29 Jul 2013 21:45:05 GMT)
Acknowledgement sent to Steven Chamberlain <steven@pyro.eu.org>: Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Mon, 29 Jul 2013 21:45:05 GMT)
Message #27 received at 684072@bugs.debian.org:
On 07/09/12 17:29, Moritz Muehlenhoff wrote:
> What about keeping autoconfig enabled and documenting the potential danger in
> README.Debian (or somewhere similar), so that anyone concerned can disable
> it locally?
It looks like we have a bigger problem than this:
I was going to simply write instructions on disabling IPv6
autoconfiguration, or how to completely disable IPv6 on an interface.
But when testing it on wheezy, it seems the necessary ifconfig flags are
not working on kfreebsd-amd64 or kfreebsd-i386, at least on 9.0 kernels:
# ifconfig xn0 ifdisabled
ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument
# ifconfig xn0 -accept_rtadv
ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument
This bug would have to be fixed in stable first. It looks like kernel
ABI breakage, but at first glance the ioctl looks correct and data
structures the same.
There is a sysctl but by design it only sets a default for interfaces
not 'attached' yet, which is of no help here. And changing the default
from the bootloader might not work either - a loader tunable for this
wasn't implemented until r253239 (kFreeBSD 9.2).
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>: Bug#684072; Package kfreebsd-9. (Mon, 29 Jul 2013 23:15:08 GMT)
Acknowledgement sent to Steven Chamberlain <steven@pyro.eu.org>: Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Mon, 29 Jul 2013 23:15:08 GMT)
Message #32 received at 684072@bugs.debian.org:
On 29/07/13 22:40, Steven Chamberlain wrote:
> # ifconfig xn0 ifdisabled
> ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument
> # ifconfig xn0 -accept_rtadv
> ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument
Argh, that needs to be:
# ifconfig xn0 inet6 ifdisabled
# ifconfig xn0 inet6 -accept_rtadv
Then it works fine.
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Reply sent to Debian FTP Masters <ftpmaster@ftp-master.debian.org>: You have taken responsibility. (Tue, 21 Oct 2014 11:36:44 GMT)
Notification sent to Moritz Muehlenhoff <jmm@debian.org>: Bug acknowledged by developer. (Tue, 21 Oct 2014 11:36:44 GMT)
Message #37 received at 684072-done@bugs.debian.org:
Version: 9.2-2+rm
Dear submitter,
as the package kfreebsd-9 has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/765606
The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@ftp-master.debian.org.
Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 19 Nov 2014 07:41:57 GMT)
Bug unarchived. Request was from Michael Gilbert <mgilbert@debian.org> to control@bugs.debian.org. (Sat, 14 Feb 2015 04:09:06 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>: Bug#684072; Package kfreebsd-9. (Sat, 14 Feb 2015 04:15:04 GMT)
Acknowledgement sent to Michael Gilbert <mgilbert@debian.org>: Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Sat, 14 Feb 2015 04:15:04 GMT)
Message #46 received at 684072@bugs.debian.org:
control: reopen -1
This was closed with the removal of src:freebsd-9, but there hasn't
been any actual upstream activity and no real details to be found
anywhere, so it is still likely unfixed in kfreebsd-10.
Best wishes,
Mike
Bug reopened. Request was from Michael Gilbert <mgilbert@debian.org> to 684072-submit@bugs.debian.org. (Sat, 14 Feb 2015 04:15:04 GMT)
No longer marked as fixed in versions 9.2-2+rm. Request was from Michael Gilbert <mgilbert@debian.org> to 684072-submit@bugs.debian.org. (Sat, 14 Feb 2015 04:15:05 GMT)
Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 13:14:01 2019.