On Fri, 30 Mar 2007 01:06:17 -0700 [EMAIL PROTECTED] wrote:
> http://bugzilla.kernel.org/show_bug.cgi?id=8284
>
> Summary: IPsec anti-replay window management flaw
> Kernel Version: 2.6.20.4
> Status: NEW
> Severity: normal
> Owner: [EMAIL PROTECTED]
> Submitter: [EMAIL PROTECTED]
>
>
> The IPsec ESP/AH anti-replay window size is configurable, 64 being the value
> recommended by RFC 2406.
> Linux kernels use a 32 bit bitmap to check whether a sequence number has
> already been received.
>
> When a packet is received, if its seq is lower than the greatest received seq,
> and if the difference is greater than 32, the check doesn't work.
> This constitutes a security flaw.
>
> The faulty code is in net/xfrm/xfrm-state.c, functions xfrm_replay_check() and
> xfrm_replay_advance().
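
A simplified user-space model of the behaviour the report describes, added here as an example; it is not the kernel's code or the submitter's. The names `replay_state`, `replay_accept` and `resend_accepted`, the `clamp` option (capping the effective window at the bitmap width, one possible mitigation) and the sequence numbers are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define BITMAP_BITS 32u  /* bitmap width stated in the report */

struct replay_state {
    uint32_t seq;     /* highest sequence number accepted so far */
    uint32_t bitmap;  /* bit d set: sequence number (seq - d) was received */
    uint32_t window;  /* configured anti-replay window, e.g. 64 */
};

/* Bit for offset d. Offsets the bitmap cannot hold yield 0: this model treats
 * that history as lost (an actual shift by >= 32 is undefined in C). */
static uint32_t bit_for(uint32_t d) { return d < BITMAP_BITS ? 1u << d : 0; }

/* Return 1 if the packet is accepted, 0 if dropped as replayed or too old.
 * clamp != 0 caps the effective window at the bitmap width. */
static int replay_accept(struct replay_state *st, uint32_t seq, int clamp)
{
    uint32_t d, w = st->window;
    if (clamp && w > BITMAP_BITS) w = BITMAP_BITS;
    if (seq == 0) return 0;
    if (seq > st->seq) {                      /* new highest: slide the window */
        d = seq - st->seq;
        st->bitmap = d < BITMAP_BITS ? (st->bitmap << d) | 1u : 1u;
        st->seq = seq;
        return 1;
    }
    d = st->seq - seq;
    if (d >= w) return 0;                     /* older than the window */
    if (st->bitmap & bit_for(d)) return 0;    /* already received */
    st->bitmap |= bit_for(d);
    return 1;
}

/* Constructed scenario: accept 1..100 in order, then `again` arrives a second time. */
static int resend_accepted(uint32_t window, int clamp, uint32_t again)
{
    struct replay_state st = { 0, 0, window };
    for (uint32_t s = 1; s <= 100; s++) replay_accept(&st, s, clamp);
    return replay_accept(&st, again, clamp);
}

int main(void)
{
    printf("window 64, unclamped, seq 60 again: %d\n", resend_accepted(64, 0, 60));
    printf("window 64, clamped,   seq 60 again: %d\n", resend_accepted(64, 1, 60));
    return 0;
}
```

With a configured window of 64, the duplicate of sequence number 60 (offset 40 from the highest) falls inside the window but outside the 32 bits of history, so the unclamped model accepts it a second time; the clamped model drops it as too old.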