kernel-fxtec-pro1x/net/ipv6
Patrick McHardy 51d8b1a652 [NETFILTER]: Fix ip6_tables protocol bypass bug
As reported by Mark Dowd <Mark_Dowd@McAfee.com>, ip6_tables is susceptible
to a fragmentation attack causing false negatives on protocol matches.

When the protocol header doesn't follow the fragment header immediately,
the fragment header contains the protocol number of the next extension
header. When the extension header and the protocol header are sent in
a second fragment a rule like "ip6tables .. -p udp -j DROP" will never
match.

Drop fragments that are at offset 0 and don't contain the final protocol
header regardless of the ruleset, since this should not happen normally.

With help from Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-24 16:14:04 -07:00
netfilter [NETFILTER]: Fix ip6_tables protocol bypass bug 2006-10-24 16:14:04 -07:00
addrconf.c [IPV6]: Seperate sit driver to extra module (addrconf.c changes) 2006-10-11 23:59:52 -07:00
af_inet6.c [IPV6]: Seperate sit driver to extra module 2006-10-11 23:59:50 -07:00
ah6.c [IPV6] MIP6: Several obvious clean-ups. 2006-09-22 15:17:58 -07:00
anycast.c [IPV6] ADDRCONF: Convert addrconf_lock to RCU. 2006-09-22 15:20:26 -07:00
datagram.c [IPV6] MIP6: Add socket option and ancillary data interface of routing header type 2. 2006-09-22 15:06:49 -07:00
esp6.c [IPSEC] esp: Defer output IV initialization to first use. 2006-09-22 15:17:35 -07:00
exthdrs.c [IPV6] MIP6: Fix to update IP6CB when cloned skbuff is received at HAO. 2006-09-22 15:18:46 -07:00
exthdrs_core.c
fib6_rules.c [IPv6] rules: Use RT6_LOOKUP_F_HAS_SADDR and fix source based selectors 2006-10-15 23:14:19 -07:00
icmp.c [IPV6] MIP6: Revert address to send ICMPv6 error. 2006-09-22 15:06:55 -07:00
inet6_connection_sock.c [IPV6]: Cache source address as well in ipv6_pinfo{}. 2006-09-22 14:55:45 -07:00
inet6_hashtables.c [IPV4]: INET_MATCH() annotations 2006-09-28 18:02:25 -07:00
ip6_fib.c [IPv6] fib: initialize tb6_lock in common place to give lockdep a key 2006-10-21 20:20:54 -07:00
ip6_flowlabel.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ip6_input.c [IPV6]: Allow to replace skbuff by TLV parser. 2006-09-22 15:06:51 -07:00
ip6_output.c [IPV6] NDISC: Add proxy_ndp sysctl. 2006-09-22 15:20:25 -07:00
ip6_tunnel.c [NET]: Conversions from kmalloc+memset to k(z|c)alloc. 2006-07-21 14:51:30 -07:00
ipcomp6.c [XFRM]: BEET mode 2006-10-04 00:31:09 -07:00
ipv6_sockglue.c [IPV6]: Disable SG for GSO unless we have checksum 2006-09-28 18:02:45 -07:00
ipv6_syms.c [IPV6] ADDRCONF: Convert addrconf_lock to RCU. 2006-09-22 15:20:26 -07:00
Kconfig [IPV6]: Make IPV6_SUBTREES depend on IPV6_MULTIPLE_TABLES. 2006-10-18 19:55:29 -07:00
Makefile [IPV6]: Seperate sit driver to extra module 2006-10-11 23:59:50 -07:00
mcast.c [NET/IPV4/IPV6]: Change some sysctl variables to __read_mostly 2006-09-22 14:55:03 -07:00
mip6.c Remove all inclusions of <linux/config.h> 2006-10-04 03:38:54 -04:00
ndisc.c [IPV6]: Remove bogus WARN_ON in Proxy-NA handling. 2006-10-15 23:14:20 -07:00
netfilter.c [NET]: Replace CHECKSUM_HW by CHECKSUM_PARTIAL/CHECKSUM_COMPLETE 2006-09-22 14:53:53 -07:00
proc.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
protocol.c
raw.c [IPV6] MIP6: Add sending mobility header functions through raw socket. 2006-09-22 15:07:02 -07:00
reassembly.c [NET/IPV4/IPV6]: Change some sysctl variables to __read_mostly 2006-09-22 14:55:03 -07:00
route.c [IPV6]: Fix route.c warnings when multiple tables are disabled. 2006-10-18 21:20:57 -07:00
sit.c [IPV6] sit: Add missing MODULE_LICENSE 2006-10-15 23:14:21 -07:00
sysctl_net_ipv6.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
tcp_ipv6.c [NET]: Use typesafe inet_twsk() inline function instead of cast. 2006-10-11 23:59:58 -07:00
tunnel6.c
udp.c [UDP]: Fix MSG_PROBE crash 2006-10-04 00:31:00 -07:00
xfrm6_input.c [XFRM]: xrfm_replay_check() annotations 2006-09-28 18:02:40 -07:00
xfrm6_mode_beet.c [XFRM]: BEET mode 2006-10-04 00:31:09 -07:00
xfrm6_mode_ro.c [IPSEC]: output mode to take an xfrm state as input param 2006-09-22 15:18:48 -07:00
xfrm6_mode_transport.c [IPSEC]: output mode to take an xfrm state as input param 2006-09-22 15:18:48 -07:00
xfrm6_mode_tunnel.c [IPSEC]: output mode to take an xfrm state as input param 2006-09-22 15:18:48 -07:00
xfrm6_output.c [IPSEC]: output mode to take an xfrm state as input param 2006-09-22 15:18:48 -07:00
xfrm6_policy.c [IPV6]: Make sure error handling is done when calling ip6_route_output(). 2006-10-18 19:55:27 -07:00
xfrm6_state.c [XFRM]: ports in struct xfrm_selector annotated 2006-09-28 18:02:33 -07:00
xfrm6_tunnel.c [XFRM]: xrfm_replay_check() annotations 2006-09-28 18:02:40 -07:00