Date: Wed, 17 May 2023 10:43:50 -0400 From: Barry Greene <bgreene@...ki.org> To: oss-security@...ts.openwall.com Subject: Re: IPv6 and Route of Death My recommendation - check your “Exploitable Port Filter” rules and include IPv6. Test your gear to insure it ‘can’ filter exertion headers. Read through RFC 9098. This is an doc on how major ISPs deploy port filtering in their networks. Some are applying RFC 9098. https://www.senki.org/operators-security-toolkit/filtering-exploitable-ports-and-minimizing-risk-to-and-from-your-customers/ Sent from my iPhone > On May 17, 2023, at 10:23 AM, Jeffrey Walton <noloader@...il.com> wrote: > Hi Everyone, > > This seems to have been dropped as a 0-day. I have not seen a CVE > assigned to it. > > IPv6 and Route of Death: > > * https://www.reddit.com/r/linux/comments/13jfehf/linux_ipv6_route_of_death_0day_no_patch/ > * https://news.ycombinator.com/item?id=35950379 > > I _think_ this is the original writeup: > > * https://www.interruptlabs.co.uk//articles/linux-ipv6-route-of-death > > Jeff
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.