Linux Kernel Multiple IPV6 Packet Filtering Bypass Vulnerabilities

info
discussion
exploit
solution
references

Linux Kernel Multiple IPV6 Packet Filtering Bypass Vulnerabilities

The Linux kernel is prone to multiple IPv6 packet-filtering-bypass vulnerabilities because of insufficient handling of fragmented packets.

An attacker could exploit these issues to bypass ip6_table filtering rules. This could result in a false sense of security because filtering rules set up by system administrators can be bypassed in order to access services that are otherwise protected.