From 40abb6512c35c6b6a5b2c2fe0bf0e43ae48b4404 Mon Sep 17 00:00:00 2001 From: delphij Date: Tue, 16 Sep 2014 09:50:19 +0000 Subject: [PATCH] Fix Denial of Service in TCP packet processing. Security: FreeBSD-SA-14:19.tcp Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.2@271669 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f --- UPDATING | 3 +++ sys/conf/newvers.sh | 2 +- sys/netinet/tcp_input.c | 6 +----- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/UPDATING b/UPDATING index 5effaaf4..96052100 100644 --- a/UPDATING +++ b/UPDATING @@ -11,6 +11,9 @@ handbook: Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. +20140916: p12 FreeBSD-SA-14:19.tcp + Fix Denial of Service in TCP packet processing. [SA-14:19] + 20140909: p11 FreeBSD-SA-14:18.openssl Fix OpenSSL multiple vulnerabilities. [SA-14:18] diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 5c3f392c..74b70002 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="9.2" -BRANCH="RELEASE-p11" +BRANCH="RELEASE-p12" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 988f44dd..c8f91025 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -2181,11 +2181,7 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, struct socket *so, todrop = tp->rcv_nxt - th->th_seq; if (todrop > 0) { - /* - * If this is a duplicate SYN for our current connection, - * advance over it and pretend and it's not a SYN. - */ - if (thflags & TH_SYN && th->th_seq == tp->irs) { + if (thflags & TH_SYN) { thflags &= ~TH_SYN; th->th_seq++; if (th->th_urp > 1) -- 2.42.0