From 7c5f05c6e9d315a205fde3687d2a7ce6c14a4ace Mon Sep 17 00:00:00 2001 From: delphij Date: Tue, 16 Sep 2014 09:50:19 +0000 Subject: [PATCH] Fix Denial of Service in TCP packet processing. Security: FreeBSD-SA-14:19.tcp Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@271669 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f --- UPDATING | 3 +++ sys/conf/newvers.sh | 2 +- sys/netinet/tcp_input.c | 6 +----- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/UPDATING b/UPDATING index a65463f65..2aab36a3d 100644 --- a/UPDATING +++ b/UPDATING @@ -11,6 +11,9 @@ handbook: Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. +20140916: p2 FreeBSD-SA-14:19.tcp + Fix Denial of Service in TCP packet processing. [SA-14:19] + 20140909: p1 FreeBSD-SA-14:18.openssl Fix OpenSSL multiple vulnerabilities. [SA-14:18] diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 7ed9c93a1..f6ed9554e 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="9.3" -BRANCH="RELEASE-p1" +BRANCH="RELEASE-p2" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 476a12348..874dbea6a 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -2181,11 +2181,7 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, struct socket *so, todrop = tp->rcv_nxt - th->th_seq; if (todrop > 0) { - /* - * If this is a duplicate SYN for our current connection, - * advance over it and pretend and it's not a SYN. - */ - if (thflags & TH_SYN && th->th_seq == tp->irs) { + if (thflags & TH_SYN) { thflags &= ~TH_SYN; th->th_seq++; if (th->th_urp > 1) -- 2.42.0