Patches for NetBSD
The developers of NetBSD have released information about two vulnerabilities that have been fixed in the networking. The patches incorporated into current versions solve a problem with the implementation of the Neighbor Discovery Protocol (NDP) for IPv6 allowing attackers to redirect the network traffic for Man-in-Middle attacks or to overload router links.
Also fixed was an issue where ICMPv6 "Packet Too Big" packets could trigger a kernel panic. Although this information was only recently released, the updated versions and patches were released on 3 October.
See also
- ICMPv6 Packet Too Big messages, Advisory from the NetBSD team
- IPv6 Neighbor Discovery Protocol, Advisory from the NetBSD team
(djwm)