Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 8 Nov 2012 23:15:51 +0100
From: Petr Matousek <>
Subject: CVE request --- acceptation of overlapping ipv6 fragments

Accepting overlapping fragmented ipv6 packets can lead to Operating
Systems (OS) fingerprinting, IDS/IPS insertion/evasion, firewall

Do not accept such packets.

Linux kernel upstream fix:;a=commitdiff;h=70789d7052239992824628db8133de08dc78e593


Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ