Date: Tue, 18 Jun 2019 08:39:55 -0700 From: Cy Schubert <Cy.Schubert@cschubert.com> To: hiren <hiren@strugglingcoder.info>, hiren via freebsd-security <freebsd-security@freebsd.org>, mike tancsa <mike@sentex.net> Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: TCP SACK (CVE-2019-5599) Message-ID: <4FEA2C68-77D2-4DE7-BCD4-9D1F9343670B@cschubert.com> In-Reply-To: <20190618145709.GI52008@strugglingcoder.info> References: <29d6e221-e88a-f828-0e5b-ac235691ed86@sentex.net> <20190618145709.GI52008@strugglingcoder.info>
next in thread | previous in thread | raw e-mail | index | archive | help
On June 18, 2019 7:57:09 AM PDT, hiren via freebsd-security <freebsd-security@freebsd.org> wrote: >On 06/18/19 at 10:33P, mike tancsa wrote: >> Hi all, >> With respect to the bugs describe in >> >https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md >> *<quote> >> SACK Slowness (FreeBSD 12 using the RACK TCP Stack) >[snip] >> >> *</quote>* >> >> *How does I know if this is enabled in my default kernel on RELENG_12 >? >> There is some vague mention in various forums this is not the default >on >> FreeBSD ? Can anyone shed more light as to how this does/does not >impact >> FreeBSD ? > >RACK is one of the tcp stacks ($src/sys/netinet/tcp_stacks) and not >enabled by default. > >So, by default, FreeBSD is not affected, afaict. This advisory is for >when you do use RACK. > >Cheers, >Hiren They post a workaround patch in their advisory. As RACK is their contribution, I suppose one of their people who are committers might want to commit it. -- Pardon the typos and autocorrect, small keyboard in use. Cheers, Cy Schubert <Cy.Schubert@cschubert.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FEA2C68-77D2-4DE7-BCD4-9D1F9343670B>