subject:"\[PATCH\] hw\/net\: Discard overly fragmented packets"

Re: [PATCH] hw/net: Discard overly fragmented packets

2022-08-05 Thread Thomas Huth

On 11/08/2021 06.08, Jason Wang wrote: 在 2021/8/4 上午9:43, Jason Wang 写道: 在 2021/8/3 下午5:51, Philippe Mathieu-Daudé 写道: On 8/3/21 11:33 AM, Thomas Huth wrote: On 05/07/2021 10.40, Philippe Mathieu-Daudé wrote: Our infrastructure can handle fragmented packets up to NET_MAX_FRAG_SG_LIST (64) p

Re: [PATCH] hw/net: Discard overly fragmented packets

2021-08-10 Thread Jason Wang

在 2021/8/4 上午9:43, Jason Wang 写道: 在 2021/8/3 下午5:51, Philippe Mathieu-Daudé 写道: On 8/3/21 11:33 AM, Thomas Huth wrote: On 05/07/2021 10.40, Philippe Mathieu-Daudé wrote: Our infrastructure can handle fragmented packets up to NET_MAX_FRAG_SG_LIST (64) pieces. This hard limit has been proven

Re: [PATCH] hw/net: Discard overly fragmented packets

2021-08-03 Thread Jason Wang

在 2021/8/3 下午5:51, Philippe Mathieu-Daudé 写道: On 8/3/21 11:33 AM, Thomas Huth wrote: On 05/07/2021 10.40, Philippe Mathieu-Daudé wrote: Our infrastructure can handle fragmented packets up to NET_MAX_FRAG_SG_LIST (64) pieces. This hard limit has been proven enough in production for years. If i

Re: [PATCH] hw/net: Discard overly fragmented packets

2021-08-03 Thread Philippe Mathieu-Daudé

On 8/3/21 11:33 AM, Thomas Huth wrote: > On 05/07/2021 10.40, Philippe Mathieu-Daudé wrote: >> Our infrastructure can handle fragmented packets up to >> NET_MAX_FRAG_SG_LIST (64) pieces. This hard limit has >> been proven enough in production for years. If it is >> reached, it is likely an evil cra

Re: [PATCH] hw/net: Discard overly fragmented packets

2021-08-03 Thread Thomas Huth

On 05/07/2021 10.40, Philippe Mathieu-Daudé wrote: Our infrastructure can handle fragmented packets up to NET_MAX_FRAG_SG_LIST (64) pieces. This hard limit has been proven enough in production for years. If it is reached, it is likely an evil crafted packet. Discard it. Include the qtest reprodu

Re: [PATCH] hw/net: Discard overly fragmented packets

2021-07-06 Thread Philippe Mathieu-Daudé

Hi Mauro, On 7/6/21 11:00 AM, Mauro Matteo Cascella wrote: > Hello Philippe, > > I think you don't need root privileges to craft such a highly > fragmented packet from within the guest (tools like hping3 or nmap > come to mind). Right? If so, we may consider allocating a CVE for this > bug. If no

Re: [PATCH] hw/net: Discard overly fragmented packets

2021-07-06 Thread Mauro Matteo Cascella

Hello Philippe, I think you don't need root privileges to craft such a highly fragmented packet from within the guest (tools like hping3 or nmap come to mind). Right? If so, we may consider allocating a CVE for this bug. If not, this is not CVE worthy - root does not need an assertion failure to c

[PATCH] hw/net: Discard overly fragmented packets

2021-07-05 Thread Philippe Mathieu-Daudé

Our infrastructure can handle fragmented packets up to NET_MAX_FRAG_SG_LIST (64) pieces. This hard limit has been proven enough in production for years. If it is reached, it is likely an evil crafted packet. Discard it. Include the qtest reproducer provided by Alexander Bulekov: $ make check-qt

Re: [PATCH] hw/net: Discard overly fragmented packets

Re: [PATCH] hw/net: Discard overly fragmented packets

Re: [PATCH] hw/net: Discard overly fragmented packets

Re: [PATCH] hw/net: Discard overly fragmented packets

Re: [PATCH] hw/net: Discard overly fragmented packets

Re: [PATCH] hw/net: Discard overly fragmented packets

Re: [PATCH] hw/net: Discard overly fragmented packets

[PATCH] hw/net: Discard overly fragmented packets

8 matches

Site Navigation

Mail list logo

Footer information