Contributed by jcs on from the get-your-patches dept.
010: RELIABILITY FIX: January 10, 2005
A bug in the tcp(4) stack allows an invalid argument to be used in in calculating the TCP retransmit timeout. By sending packets with specific values in the TCP timestamp option, an attacker can cause a system panic.
The patches for 3.5 and 3.6 are available (or will be shortly) from your local FTP mirror. Ryan McBride notes:
"On OpenBSD 3.6 and newer, pf's 'scrub reassemble tcp' TCP timestamp sanity checks provide some (but not complete) protection against this problem."
Although your best bet is to just apply the patch and recompile your kernel.
(Comments are closed)