OpenBSD 4.0 Errata #008: IPv6 ICMP Echo Fix

Contributed by dwc on 2007-01-16 from the Ping-Pong dept.

It's patch time, especially if you're using IPv6...

OpenBSD 4.0 Errata #008: RELIABILITY FIX: January 16, 2007 All architectures
OpenBSD 3.9 Errata #018: RELIABILITY FIX: January 16, 2007 All architectures

Under some circumstances, processing an ICMP6 echo request would cause the kernel to enter an infinite loop.

Source code patchs for 4.0 and 3.9 exist which remedies this problem

(Comments are closed)

Comments

By Anonymous Coward (207.59.237.99) on 2007-01-16 15:54

And cue the "time to change the counter on the website" trolls...
Comments
1. By Anonymous Coward (149.169.135.33) on 2007-01-16 17:05
  
  > And cue the "time to change the counter on the website" trolls...
  
  Often the OpenBSD trolls try and get local exploits to reset that counter. But reliability fixes? C'mon, our trolls are smarter than that.
  Comments
  1. By Anonymous Coward (83.145.122.242) on 2007-01-16 17:11
    
    It can cause a local dos ... ( see netbsd pr linked with the first itojun commit ).
    
    And this patch is incorrect. itojun finally commit it correctly in current but this patch doesn't solve the issue
    
    Comments
    
    By Anonymous Coward (219.90.243.38) on 2007-01-17 00:13
    
    > And this patch is incorrect. itojun finally commit it correctly in current but this patch doesn't solve the issue
    
    Its been fixed now.
    
    Comments
    
    By em (195.212.29.179) on 2007-01-17 15:59
    
    > > And this patch is incorrect. itojun finally commit it correctly in current but this patch doesn't solve the issue
    >
    > Its been fixed now.
    
    Sorry, now I'm a little bit confused. What is the status now. I synchronized stable branch yesterday and compiled the kernel.
    Does it mean that the patch was wrong and now is finally corrected and available in patch branch so I should make a new kernel now?
    Thanks
    
    Comments
    
    By Anonymous Coward (219.90.242.204) on 2007-01-17 23:49
    
    There was a fix which apparently did not fix the problem. This was applied to current, then 3.9 and 4.0 stable trees. Patches were provided for 3.9 and 4.0.
    Then along came a fix in current which actually fixed the problem. This was then merged with 3.9 and 4.0 stable branches. The existing patch files were then replaced with new patch files. The new patch files have a line like "THIS IS THE SECOND REVISION OF THIS PATCH."
    
    Look here for the gory details:
    http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/icmp6.c
    
    As mud?

Latest Articles

Fri, Apr 26
- 08:33 Passphrase timeout for disk decryption at boot added (potential battery lifesaver) (1)
Wed, Apr 24
- 04:35 Game of Trees 0.98 released (2)
Tue, Apr 23
- 05:25 pfctl(8) and systat(8) to display fragment reassembly statistics (0)
Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (12)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (3)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]