CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected]    2026/03/20 13:44:48

Modified files:
        sys/netinet    : tcp_input.c

Log message:
Ignore TCP SACK packets with invalid sequence numbers.
Due to an integer overflow, sequence numbers in selective ACK packets
were accepted. Such packets caused a NULL pointer dereference in
the TCP stack, resulting in a kernel crash.
Reported by Nicholas Carlini at anthropic dot com
with deraadt@; OK markus@
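
An added illustration, not the OpenBSD change itself (the diff is not part of this message): one overflow-safe way to check that a SACK block lies inside the sender's outstanding window before the stack acts on it. The `snd_una`/`snd_max` names follow common BSD usage; `struct sack_block`, `sack_block_valid` and `sack_filter` are hypothetical names for this example, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct sack_block { uint32_t start, end; };	/* hypothetical type for this example */

/*
 * Accept a SACK block only if snd_una <= start < end <= snd_max in
 * sequence space. All edges are first converted to unsigned offsets from
 * snd_una, so the comparisons are ordinary unsigned ones and cannot
 * flip sign when an edge lies 2^31 or more away from the window.
 */
static bool sack_block_valid(uint32_t snd_una, uint32_t snd_max,
    uint32_t start, uint32_t end)
{
	uint32_t window = snd_max - snd_una;	/* outstanding bytes, wrap-safe */
	uint32_t s_off = start - snd_una;
	uint32_t e_off = end - snd_una;

	if (e_off > window)	/* right edge beyond snd_max or behind snd_una */
		return false;
	if (s_off >= e_off)	/* empty, reversed, or left edge behind snd_una */
		return false;
	return true;
}

/* Copy the valid blocks to out[] (room for n entries); return how many were kept. */
static size_t sack_filter(const struct sack_block *in, size_t n,
    uint32_t snd_una, uint32_t snd_max, struct sack_block *out)
{
	size_t kept = 0;
	for (size_t i = 0; i < n; i++)
		if (sack_block_valid(snd_una, snd_max, in[i].start, in[i].end))
			out[kept++] = in[i];
	return kept;
}

int main(void)
{
	/* Constructed sample: the send window wraps past 2^32. */
	const uint32_t una = 0xFFFFFF00u, max = 0x00000100u;
	const struct sack_block in[] = {
		{ 0xFFFFFFF0u, 0x00000010u },	/* inside the window, across the wrap */
		{ 0x00000080u, 0x00000200u },	/* right edge beyond snd_max */
		{ 0x7FFFFF00u, 0x7FFFFF40u },	/* 2^31 away from snd_una */
	};
	struct sack_block out[3];
	printf("kept %zu of 3 blocks\n", sack_filter(in, 3, una, max, out));
	return 0;
}
```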
