On 17 Jun 2019, at 10:03, Eric Dumazet wrote: > If mtu probing is enabled tcp_mtu_probing() could very well end up > with a too small MSS. > > Use the new sysctl tcp_min_snd_mss to make sure MSS search > is performed in an acceptable range. > > CVE-2019-11479 -- tcp mss hardcoded to 48 > > Signed-off-by: Eric Dumazet <eduma...@google.com> > Reported-by: Jonathan Lemon <jonathan.le...@gmail.com> > Cc: Jonathan Looney <j...@netflix.com> > Acked-by: Neal Cardwell <ncardw...@google.com> > Cc: Yuchung Cheng <ych...@google.com> > Cc: Tyler Hicks <tyhi...@canonical.com> > Cc: Bruce Curtis <bru...@netflix.com> Acked-by: Jonathan Lemon <jonathan.le...@gmail.com>
- [PATCH net 0/4] tcp: make sack processing more robust Eric Dumazet
- [PATCH net 4/4] tcp: enforce tcp_min_snd_mss in tcp_... Eric Dumazet
- Re: [PATCH net 4/4] tcp: enforce tcp_min_snd_mss... Jonathan Lemon
- Re: [PATCH net 4/4] tcp: enforce tcp_min_snd_mss... Tyler Hicks
- [PATCH net 2/4] tcp: tcp_fragment() should apply san... Eric Dumazet
- Re: [PATCH net 2/4] tcp: tcp_fragment() should a... Jonathan Lemon
- Re: [PATCH net 2/4] tcp: tcp_fragment() should a... Christoph Paasch
- Re: [PATCH net 2/4] tcp: tcp_fragment() shou... Eric Dumazet
- Re: [PATCH net 2/4] tcp: tcp_fragment() ... Christoph Paasch
- Re: [PATCH net 2/4] tcp: tcp_fragme... Eric Dumazet
- Re: [PATCH net 2/4] tcp: tcp_fr... Christoph Paasch
- Re: [PATCH net 2/4] tcp: tc... Eric Dumazet
- [PATCH net 3/4] tcp: add tcp_min_snd_mss sysctl Eric Dumazet
