From owner-freebsd-security@FreeBSD.ORG Wed Jan 28 23:24:44 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 43199323 for ; Wed, 28 Jan 2015 23:24:44 +0000 (UTC) Received: from mail-yk0-f178.google.com (mail-yk0-f178.google.com [209.85.160.178]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 05AF428A for ; Wed, 28 Jan 2015 23:24:43 +0000 (UTC) Received: by mail-yk0-f178.google.com with SMTP id q200so10629527ykb.9 for ; Wed, 28 Jan 2015 15:24:37 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=ajbJPne2/uoSy+OHg2iEEhBGOXfB9aLaACOXyIFrReY=; b=cjUXmNSJeGzwcGqaK8gJBwBSbaSggsSDG04dH9rTgu/W+v6gkA5hV5+JPT5mwj/L07 UfIZI8GYsbTEBZvluM8yW7P7PAaE01Eokq0YpZjKJcEfl+8v+lB5NDaqB0bEWwk5D1Uv Wmsrl3iwoCRY897RRkCE8d0Or6iEMQC2yQbxZYF4xIpg+XFPIri0kbs7MetDaUhsCL3V tnqO4Zfrco+GzrdYAn1YRFX3Lc6N2Vevs2kBhPFW7NHAh1uMTvLTQWigxfaagcrCO65a 0yE8haXCol5KEVFSXs3uUOKKQghC1OeabBe0KMrD64A1jA5o+Zb7p9pG0os11V4Rvh2E W/Ug== X-Gm-Message-State: ALoCoQkY/jLknZZy9kuDTLlS6k+53tY5WWw0JpODsbad7gdcF+V8Pj3E1HoNZdVSK8NU1Jq8YSYh MIME-Version: 1.0 X-Received: by 10.236.34.228 with SMTP id s64mr2011038yha.31.1422487477063; Wed, 28 Jan 2015 15:24:37 -0800 (PST) Received: by 10.170.46.81 with HTTP; Wed, 28 Jan 2015 15:24:36 -0800 (PST) In-Reply-To: <54C966BF.9000803@rewt.org.uk> References: <20150128194011.2175B19F@hub.freebsd.org> <20150128211910.80082283DA18@rock.dv.isc.org> <54C966BF.9000803@rewt.org.uk> Date: Thu, 29 Jan 2015 00:24:36 +0100 Message-ID: Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem From: Oliver Pinter To: Joe Holden Content-Type: text/plain; charset=UTF-8 Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Jan 2015 23:24:44 -0000 Much more, than you explain. Hint: 3G and 4G mobile core networks. ;) On Wed, Jan 28, 2015 at 11:46 PM, Joe Holden wrote: > Really, how many SCTP users are there om the wild... maybe one? > > It shouldn't be in GENERIC at the very least! > > > On 28/01/2015 21:19, Mark Andrews wrote: >> >> >> In message <20150128194011.2175B19F@hub.freebsd.org>, "Roger Marquis" >> writes: >>>>> >>>>> If SCTP is NOT compiled in the kernel, are you still vulnerable ? >>>> >>>> >>>> No -- we should have mentioned that too. For GENERIC kernel however >>>> SCTP is compiled in. >>> >>> >>> Should probably fix that too, in GENERIC, considering how little used >>> this >>> protocol is. >> >> >> It is not used much because there is not critical mass and you want >> to reduce what little there is out there? It is a good thing that >> it is in GENERIC. >> >> Mark >> >>> Roger Marquis >>> >>> _______________________________________________ >>> freebsd-security@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-security >>> To unsubscribe, send any mail to >>> "freebsd-security-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"