From: Max Laier
Organization: FreeBSD
To: freebsd-pf@freebsd.org
Date: Mon, 13 Apr 2009 21:47:03 +0100
Subject: Re: OpenBSD/FreeBSD pf issue ?
Message-Id: <200904132247.04332.max@love2party.net>
In-Reply-To: <200904131857.n3DIvV7C025975@lava.sentex.ca>

On Monday 13 April 2009 20:58:14 Mike Tancsa wrote:
> ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/013_pf.patch
>
> http://helith.net/txt/openbsd_4.3-current_pf_null_pointer_dereference_kernel_panic.txt
>
>
> Not sure if this impacts FreeBSD or not ?

It looks like FreeBSD is not vulnerable to this - it seems the problem was
introduced with OpenBSD pf.c rev. 1.539 (which first appeared in OpenBSD 4.2).
Our last full import was OpenBSD 4.1 which doesn't include the vulnerability.

Please note that this is a preliminary assessment - I will follow up with a
proper version as soon as more people have looked at the situation. Feel free
to pitch in if you see remaining problems in the FreeBSD version of pf.c -
maybe off-list.

In addition it might make sense to drop this kind of packet as part of the
"scrub" process, but that is not an immediate concern at this point.

-- 
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News