From owner-freebsd-security@freebsd.org Tue Dec 29 19:50:33 2020 Return-Path: <owner-freebsd-security@freebsd.org> Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E73F64C983F; Tue, 29 Dec 2020 19:50:33 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from mail-ej1-x62b.google.com (mail-ej1-x62b.google.com [IPv6:2a00:1450:4864:20::62b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4D54lY1sW7z3KlD; Tue, 29 Dec 2020 19:50:32 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: by mail-ej1-x62b.google.com with SMTP id 6so19437234ejz.5; Tue, 29 Dec 2020 11:50:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=MheQdKcioDoEX3Ywcfa8bckOzxsxkoiwCr+y51Uj6hI=; b=IN1rqSSVmt9R+mBONEc20U3xtdNA/PD4v+XSdonf/SYsoCCK0J7PLzgHABIKsTIILC qudBcYFZN4stRiKmTUDP+K0KQdoHgJkYd8sBcXbLFGWGoiXBqh8pIX45hMAHBUuR5r1q OocScWZojtdPRGGRARMmyEXMFqTxW3i1BMdhnNZiACd9FGQNk8SgxddnUUHbvhXY9EbH NL20fi1xN/9u4Lol1lYoYwB9yVbgIROIRLnLPWazmfL1x3lvPhv0DM5LyiWRvEarumi3 Vk6vkfZWSbQx2vUCq9Wzm23car1ZSn5v6tKH75S5hUJLsujes5xilJuc1wSt8cXTAL/0 1H4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=MheQdKcioDoEX3Ywcfa8bckOzxsxkoiwCr+y51Uj6hI=; b=Ozd8hWAFGeN4ZluZDL53c+Dtg5AbA0YZtYbIIr59Jc8XQPBMg4SQplVtOO7KFpRx50 8DSxMOf1LZXqxd67F292h6fZoyE3zf6fFLda3AqSJ57PuEU55LavlsfQVJ0Eb4pDaT+p tkTMU/ZccW33up4IYApVtSYf8uOVV944mZ011jk87LXGgBo2bNwXn9PxBgto6ZFbQvBk eZBooNBOqcl+eFgbGG6E9zSC33bUdOkBJzwe31O3TIXARogfQp2/WVoDdD2JeXN+Fvpu UPORaxR080J9PG+Og1EmfdXypyWaOiVTwiMVL7pnYBnqNyGc3Oczy8Uv3/gByGjmqQW6 TU2w== X-Gm-Message-State: AOAM53208kirx3anZTxyFxA1b1eZkbPD5T5oKe3bHgUaoQzG/JYdYN58 3q8IDlgK9w63F9A54VtEewczTXkTtKwSEzBXRD/9sDaxZtZ1YQ== X-Google-Smtp-Source: ABdhPJzXCJEXztP75BaR+OZDfPijShbFALCUsGfnmKHJalX9ZyAsA0lmPbqunPg+R2grAb2gpIl0MZqN0dk6eIKsBfg= X-Received: by 2002:a17:906:b24c:: with SMTP id ce12mr46294795ejb.89.1609271431654; Tue, 29 Dec 2020 11:50:31 -0800 (PST) MIME-Version: 1.0 References: <20201209065849.47a51561@hermann.fritz.box> In-Reply-To: <20201209065849.47a51561@hermann.fritz.box> From: "Kurt Buff, GSEC/GCIH/PCIP" <kurt.buff@gmail.com> Date: Tue, 29 Dec 2020 12:50:17 -0700 Message-ID: <CADy1Ce4jEsqBn1EEYk_H1cXC9RX-ASRCd=2-Ooh48_y68d=LQw@mail.gmail.com> Subject: Re: AMNESIA:33 and FreeBSD TCP/IP stack involvement To: "Hartmann, O." <ohartmann@walstatt.org> Cc: freebsd-security@freebsd.org, freebsd-current@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4D54lY1sW7z3KlD X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=IN1rqSSV; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of kurtbuff@gmail.com designates 2a00:1450:4864:20::62b as permitted sender) smtp.mailfrom=kurtbuff@gmail.com X-Spamd-Result: default: False [-4.00 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::62b:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::62b:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::62b:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security,freebsd-current] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" <freebsd-security.freebsd.org> List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/> List-Post: <mailto:freebsd-security@freebsd.org> List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help> List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=subscribe> X-List-Received-Date: Tue, 29 Dec 2020 19:50:34 -0000 Recently seen: https://treck.com/vulnerability-response-information/ and https://github.com/Forescout/project-memoria-detector HTH, Kurt On Tue, Dec 8, 2020 at 10:59 PM Hartmann, O. <ohartmann@walstatt.org> wrote: > > Hello, > I've got a question about recently discovered serious vulnerabilities > in certain TCP stack implementations, designated as AMNESIA:33 (as far > as I could follow the recently made announcements and statements, > please see, for instance, > https://www.zdnet.com/article/amnesia33-vulnerabilities-impact-millions-of-smart-and-industrial-devices/). > > All mentioned open-source TCP stacks seem not to be related in any way > with freeBSD or any derivative of the FreeBSD project, but I do not > dare to make a statement about that. > > My question is very simple and aimes towards calming down my employees > requests: is FreeBSD potentially vulnerable to this newly discovered > flaw (we use mainly 12.1-RELENG, 12.2-RELENG, 12-STABLE and 13-CURRENT, > latest incarnations, of course, should be least vulnerable ...). > > Thanks in advance, > > O. Hartmann