Page MenuHomeVyOS Platform

IPoE server vulnerability
Closed, ResolvedPublic

Description

We have vulnerability with IPoE server in rolling.
Possible attack with some DHCP/DHCPv6 packets modification.

Details

Difficulty level
Unknown (require assessment)
Version
1.3-rolling-202004120117
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

c-po changed the task status from Open to Backport candidate.Apr 13 2020, 6:18 PM
c-po added a project: VyOS 1.3 Equuleus.
c-po moved this task from Need Triage to Backport Candidates on the VyOS 1.3 Equuleus board.
c-po added a project: Ready for Crux (1.2.x).
c-po edited projects, added VyOS 1.2 Crux (VyOS 1.2.6); removed Ready for Crux (1.2.x).
c-po moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.