Re: Linux 2.2.x ISN Vulnerability

manfreds@colorfullife.com
Sun, 26 Sep 1999 10:30:20 -0400 (EDT)


> The problem is within drivers/char/random.c, line 1684:
>
> __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr,
> __u16 sport, __u16 dport)
> {
> ...
> static __u32 secret[12];
> ...
> secret[0]=saddr;
> secret[1]=daddr;
> secret[2]=(sport << 16) + dport;
>
> seq = (halfMD4Transform(secret+8, secret) &
> ((1<<HASH_BITS)-1)) + count;
> ...
> }
>
> As already said, in our spoofed TCP SYN packet only the IP source address
> differs, that is only secret[0], so of 12*4 random bytes used to create the

I think the problem is not the halfMD4Transform. The problem could be caused by the
fact that the random part of secret remains zero.
Could you please check if the newest 2.2.13pre12 kernel from Alan is vulnerable?
This bug was found a few days ago.

The main change is :
--- linux.vanilla/drivers/char/random.c Thu Dec 31 20:03:49 1998
+++ linux.13p12/drivers/char/random.c Sun Sep 19 15:00:34 1999
@@ -1698,7 +1698,7 @@
if (!rekey_time || (tv.tv_sec - rekey_time) > REKEY_INTERVAL) {
rekey_time = tv.tv_sec;
/* First three words are overwritten below. */
- get_random_bytes(&secret+3, sizeof(secret)-12);
+ get_random_bytes(&secret[3], sizeof(secret)-12);
count = (tv.tv_sec/REKEY_INTERVAL) << HASH_BITS;
}

--
	Manfred


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/