CVSROOT: /cvs Module name: src Changes by: [email protected] 2026/03/20 13:47:43
Modified files:
sys/netinet : Tag: OPENBSD_7_8 tcp_input.c
Log message:
Ignore TCP SACK packets with invalid sequence numbers.
Due to an integer overflow, sequence numbers in selective ACK packets
were accepted. Such packets caused a NULL pointer dereference in
the TCP stack, resulting in a kernel crash.
Reported by Nicholas Carlini at anthropic dot com
with deraadt@; OK markus@
this is errata/7.8/025_sack.patch.sig
