Ask / Submit

Jolla is vulnerable to double direct ICMP spoofing

asked 2015-01-21 02:11:29 +0300

Tomasz gravatar image

updated 2015-01-21 12:23:31 +0300

misc11 gravatar image

The first notification is at, but I can not open it:

At that time there was no vulnerability, but there is now (, Vaarainjärvi):

[root@Jolla nemo]# cat /proc/sys/net/ipv4/conf/all/accept_redirects

For more information:

I can ask for a fix it?

edit retag flag offensive close delete


BUMP this is important!

misc11 ( 2015-01-21 12:22:46 +0300 )edit

1 Answer

Sort by » oldest newest most voted

answered 2015-01-21 13:53:54 +0300

tigeli gravatar image

updated 2015-01-27 15:33:12 +0300

Will look into this..

EDIT: Yes, on IPv4 the accept_redirects has value of 'true' but then again secure_redirects has also value of 'true' which means that the redirects are only accepted from the gateways defined in the routing table. However for IPv6 there is no secure_redirects therefore we will disable all icmp redirects completely on a future release for both IPv4 and IPv6.

edit flag offensive delete publish link more
Login/Signup to Answer

Question tools



Asked: 2015-01-21 02:11:29 +0300

Seen: 950 times

Last updated: Jan 27 '15