Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| advisory:2021-02-02-1 [2021/02/02 10:21] – added package versions ynezz | advisory:2021-02-02-1 [2021/02/02 19:44] – [DESCRIPTION] dedeckeh | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Security Advisory 2021-02-02-2 - wolfSSL heap buffer overflow in RsaPad_PSS | + | ====== Security Advisory 2021-02-02-1 - netifd and odhcp6c routing loop on IPv6 point to point links (CVE pending) ====== |
| ===== DESCRIPTION ===== | ===== DESCRIPTION ===== | ||
| - | RsaPad_PSS in wolfcrypt/ | + | In case a link prefix route points to a point-to-point link it can trigger a routing loop if the destination IPv6 address belongs to the prefix and is not a local IPv6 address. If such a packet is received and not directed to a local IPv6 address it will be routed back to the point-to-point link due to the link prefix route; the upstream ISP router will in its turn route the IPv6 packet back due to the assigned prefix route creating a "ping pong" effect. |
| + | |||
| + | The possible routing loop on point-to-point links (e.g PPP) can happen, when the WAN interface is assigned a globally unique prefix (e.g. 2001:db8:1:0::/64) from which an IPv6 address is picked | ||
| + | |||
| + | The prefix route 2001: | ||
| ===== REQUIREMENTS ===== | ===== REQUIREMENTS ===== | ||
| - | FIXME | + | The WAN interface needs to be a point-to-point interface (e.g. PPP) and recevied IPv6 router advertisement messages contains IPv6 prefixes for which the on-link flag is set. |
| ===== MITIGATIONS ===== | ===== MITIGATIONS ===== | ||
| - | You need to update the affected | + | You need to update the affected |
| - | opkg update; opkg upgrade | + | opkg update; opkg upgrade |
| Then verify, that you're running fixed version. | Then verify, that you're running fixed version. | ||
| - | opkg list-installed | + | opkg list-installed |
| + | opkg list-installed odhcp6c | ||
| The above command should output following: | The above command should output following: | ||
| - | libwolfssl | + | netifd |
| - | libwolfssl | + | netifd |
| + | |||
| + | | ||
| + | | ||
| The fix is contained in the following and later versions: | The fix is contained in the following and later versions: | ||
| - | |||
| - | FIXME: | ||
| * OpenWrt 19.07: 2021-01-17 (fixed by [[https:// | * OpenWrt 19.07: 2021-01-17 (fixed by [[https:// | ||
| Line 41: | Line 47: | ||
| ===== CREDITS ===== | ===== CREDITS ===== | ||
| - | This issue was found by [[https://bugs.chromium.org/ | + | This issue was identified |
| ===== REFERENCES ===== | ===== REFERENCES ===== | ||
| - | * https:// | + | ==== Development snapshot ==== |
| - | * https:// | + | * netifd [[commit> |
| - | * https:// | + | * odhcp6c [[commit> |
| - | * https:// | + | |
| - | * https:// | + | ==== OpenWrt 19.07 release ==== |
| + | * netifd [[commit> | ||
| + | * odhcp6c [[commit> | ||