Date:      Sat, 21 Jun 2025 13:27:22 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 287229] IP reassembly issue in FreeBSD 14.1
Message-ID:  <bug-287229-7501-uqKbKdiiBu@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-287229-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-287229-7501@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=287229

--- Comment #33 from Michael Tuexen <tuexen@freebsd.org> ---
(In reply to Lucas Aubard from comment #32)
FreeBSD reassembly is consistent in the following sense:

The same sequence of fragments results in the same sequence as
long as no limit is hit.

But if the same set of fragments is received, the results might depend on the
sequence in which the fragments arrive.

Regarding the limits:
* We need a limit on the bucket queues to mitigate CPU attacks.
* We need an overall limit to mitigate memory attacks. This can only be avoided
  if the memory limit is equal to or larger than the product of the number of
  bucket queues and the bucket queue limit.

No matter how we choose the limits, an attacker can send packets such that
enforcing the limits results in dropping fragments.

Isn't this good enough for NIDS?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
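A toy model of the two limits the comment describes, added here as an illustration and not FreeBSD's ip_reass code: partial datagrams are hashed into bucket queues with a per-bucket cap (the CPU bound) and an overall cap (the memory bound), and replaying the same fragment set in two arrival orders shows why the outcome depends on order once a limit is hit. The hash, the limit values and the "drop the newcomer" policy are assumptions for illustration.

```python
from collections import defaultdict

# Toy model of a fragment reassembly cache (not FreeBSD's ip_reass code):
# partial datagrams are hashed into bucket queues, each bucket holds at most
# bucket_limit partial datagrams, and at most total_limit partial datagrams
# are held overall. A fragment is (ip_id, index, total_fragments); the hash,
# the limits and the "drop the newcomer" policy are assumptions for illustration.

def reassemble(fragments, nbuckets=2, bucket_limit=2, total_limit=2):
    """Replay fragments through the cache; return (completed, dropped).
    completed: ip_ids fully reassembled, in order; dropped: (ip_id, idx, why)."""
    buckets = defaultdict(dict)   # bucket -> {ip_id: set of indices seen}
    queued = 0                    # partial datagrams held across all buckets
    completed, dropped = [], []
    for ip_id, idx, total in fragments:
        queue = buckets[ip_id % nbuckets]
        if ip_id not in queue:    # this fragment would open a new partial datagram
            if len(queue) >= bucket_limit:      # CPU bound: bucket walk stays short
                dropped.append((ip_id, idx, "bucket limit"))
                continue
            if queued >= total_limit:           # memory bound: cache stays bounded
                dropped.append((ip_id, idx, "total limit"))
                continue
            queue[ip_id] = set()
            queued += 1
        queue[ip_id].add(idx)
        if len(queue[ip_id]) == total:          # all pieces present: hand up
            del queue[ip_id]
            queued -= 1
            completed.append(ip_id)
    return completed, dropped

# Constructed input: the same three 2-fragment datagrams, two arrival orders.
IN_ORDER = [(1, 0, 2), (1, 1, 2), (2, 0, 2), (2, 1, 2), (3, 0, 2), (3, 1, 2)]
INTERLEAVED = [(1, 0, 2), (2, 0, 2), (3, 0, 2), (1, 1, 2), (2, 1, 2), (3, 1, 2)]

def total_limit_never_fires(nbuckets, bucket_limit, total_limit):
    """The overall limit is redundant once it covers every bucket's worst case."""
    return total_limit >= nbuckets * bucket_limit

if __name__ == "__main__":
    for name, frags in (("in order", IN_ORDER), ("interleaved", INTERLEAVED)):
        print(name, reassemble(frags))
```

With the defaults, the in-order replay completes all three datagrams while the interleaved replay drops datagram 3's first fragment at the overall limit and never completes it, even though the fragment set is identical.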


