From owner-freebsd-current@freebsd.org Wed Dec 9 20:51:38 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 440704AF469; Wed, 9 Dec 2020 20:51:38 +0000 (UTC) (envelope-from zbeeble@gmail.com) Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Crq3F4NY3z3rcG; Wed, 9 Dec 2020 20:51:37 +0000 (UTC) (envelope-from zbeeble@gmail.com) Received: by mail-ej1-x632.google.com with SMTP id n26so4146066eju.6; Wed, 09 Dec 2020 12:51:37 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=XvQAVRi7vFJD/Ds4PiJleXVz9+JFSS9Jt63ieGSRDCM=; b=ReYhPPgoz3nzBlajQ/Xp7tviwDCar4PY6WeFovcJY+aJXYUjX/8S8PKN0Ifq+iXmGZ G1g1V3wTU/YAYyRY55Y7sEmbtZwY5GF2phrXoOGlbWbggP6BQFPqe3cicwoWgfKKoVi3 41Aj7bJ16k+8CCXAQg1iFFhDuyQiSRA5QJJLazUDiT/Mvmzmqah1QEzouHHSyaG3raiD CpWFbOvTe8fzjqxuujG11Ii9mYjZFN1V8U5hPoAsIQrStYlVjmVUCHqP3jVDSE5w8YE6 1Fn/vENpwSFvh/55+Dy5QZ/s70QRlpoQ2XRwP+kBE5cQZkGMfibrwsAkTy2rH8/Fcmz5 WEDQ== X-Gm-Message-State: AOAM533JQwEVE37lQsmrT+g8nkazdZmht8R7i4896WR0GzoEzaRGNSnn afssx2cDMGzoklmsV+epVLqmfz18qzn1pQUIAJUmIPnXsg== X-Google-Smtp-Source: ABdhPJyb5R2Dg+BVPIHc/Mg9mpfKwPLmzt1Und3CSjNhWyUGMR478wQ2XPDtA7DspvjggPfcdMoenseLeSBQWDlX8E8= X-Received: by 2002:a17:906:e94c:: with SMTP id jw12mr3712360ejb.56.1607547095968; Wed, 09 Dec 2020 12:51:35 -0800 (PST) MIME-Version: 1.0 References: <20201209065849.47a51561@hermann.fritz.box> In-Reply-To: <20201209065849.47a51561@hermann.fritz.box> From: Zaphod Beeblebrox Date: Wed, 9 Dec 2020 15:51:22 -0500 Message-ID: Subject: Re: AMNESIA:33 and FreeBSD TCP/IP stack involvement To: "Hartmann, O." Cc: freebsd-security@freebsd.org, freebsd-current X-Rspamd-Queue-Id: 4Crq3F4NY3z3rcG X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::632:from]; TO_DN_SOME(0.00)[]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::632:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::632:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-security,freebsd-current]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 20:51:38 -0000 I'm not posting as someone in-the-know about the state of the FreeBSD stack --- I trust the security team to divulge things as required, BUT ... ... the examples of vulnerable things in that article to reference lead me to conclude that the stacks in question are "libraries" ... likely, but not necessarily, written in C for systems running in an operating system-less environment. The easiest way to think about this is to look at the "at mega" line (also known as arduino). This is an 8-bit processor and the C development kit allows you to link in all kinds of stuff --- from filesystems and micro-sd card support to wifi and IP/IPv6 support. The same libraries are used when the target is a more powerful ARM chip --- but one similarly running without something as full-fledged as an OS --- or even when a very small vestige of an OS includes these libraries. You could think of these libraries like "what if someone wrote an IP stack for the commodore 64 and then also ported it to the Amiga" ... as a computer without an operating system and then a port to a computer with an operating system with no concept of networking. At any rate, these, in general, do not even resemble the network stack in FreeBSD... or indeed any other full fledged operating system. Hopfully this tidbit helps in some small way. On Wed, Dec 9, 2020 at 12:59 AM Hartmann, O. wrote: > Hello, > I've got a question about recently discovered serious vulnerabilities > in certain TCP stack implementations, designated as AMNESIA:33 (as far > as I could follow the recently made announcements and statements, > please see, for instance, > > https://www.zdnet.com/article/amnesia33-vulnerabilities-impact-millions-of-smart-and-industrial-devices/ > ). > > All mentioned open-source TCP stacks seem not to be related in any way > with freeBSD or any derivative of the FreeBSD project, but I do not > dare to make a statement about that. > > My question is very simple and aimes towards calming down my employees > requests: is FreeBSD potentially vulnerable to this newly discovered > flaw (we use mainly 12.1-RELENG, 12.2-RELENG, 12-STABLE and 13-CURRENT, > latest incarnations, of course, should be least vulnerable ...). > > Thanks in advance, > > O. Hartmann >