Module Name: src
Committed By: rin
Date: Tue Oct 8 06:17:14 UTC 2024
Modified Files:
src/sys/netinet: tcp_input.c
Log Message:
tcp_reass: Mitigate CVE-2018-6922 (SegmentSmack)
at a level of FreeBSD, by introducing an arbitrary (100) limit to
the length of TCP reassembly queues:
https://github.com/freebsd/freebsd-src/commit/95a914f6316874f5b0c45d491f2843dc810071ef
Originally authored by ryo@.
We thank Tomoyuki Sahara <tsahara at iij>, who has analyzed the
problem again, updated the patch, and carried out experiments for
vulnerability scenarios. The confidential PR below is based on
his work.
PR security/58708
To generate a diff of this commit:
cvs rdiff -u -r1.440 -r1.441 src/sys/netinet/tcp_input.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
