From: Linus Lüssing <linus.luess...@web.de> Date: Tue, 4 Mar 2014 03:57:35 +0100
> MLD queries are supposed to have an IPv6 link-local source address > according to RFC2710, section 4 and RFC3810, section 5.1.14. This patch > adds a sanity check to ignore such broken MLD queries. > > Without this check, such malformed MLD queries can result in a > denial of service: The queries are ignored by any MLD listener > therefore they will not respond with an MLD report. However, > without this patch these malformed MLD queries would enable the > snooping part in the bridge code, potentially shutting down the > according ports towards these hosts for multicast traffic as the > bridge did not learn about these listeners. > > Reported-by: Jan Stancek <jstan...@redhat.com> > Signed-off-by: Linus Lüssing <linus.luess...@web.de> Applied. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
