HomeFreeBSD

pf: Fix incorrect fragment handling

Description

pf: Fix incorrect fragment handling

A sequence of overlapping IPv4 fragments could crash the kernel in
pf due to an assertion.

Approved by: re (gjb)
Reported by: Alexander Bluhm
Obtained from: OpenBSD
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")

(cherry picked from commit 5f1b1f184b7f12330cf4a027e3db7c6700c67640)
(cherry picked from commit 86ebf4d3e12c3eae94d3e9a8dcf5bd5741889b58)

Details

Provenance
kpAuthored on Feb 25 2021, 7:07 AM
Parents
rG113bd64cdf4e: pmap: Fix largemap restart checks in the kernel_maps sysctl handler
Branches
Unknown
Tags
Unknown