Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2021/02/10 20:40:11 UTC

[GitHub] [incubator-nuttx] gustavonihei opened a new issue #2839: NUMBER:JACK - Improper generation of Initial Sequence Number in TCP stack

gustavonihei opened a new issue #2839:
URL: https://github.com/apache/incubator-nuttx/issues/2839


   On February 10, 2021 Forescout Research Labs published another vulnerability report that affects multiple TCP/IP stacks.
   The **uIP** TCP/IP stack is among them, with the following description:
   ```
   ISN generator is initialized with a constant value and has constant increments.
   ```
   In fact, the description seems to fit the NuttX TCP/IP stack. In https://github.com/apache/incubator-nuttx/blob/master/net/tcp/tcp_seqno.c, `g_tcpsequence` is initialized with 0, and each call to `tcp_nextsequence()` just increments the variable.
   
   Link to the report:
   https://www.forescout.com/company/blog/numberjack-forescout-research-labs-finds-nine-isn-generation-vulnerabilities-affecting-tcpip-stacks


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org
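
The counter behaviour reported in the issue above, next to the RFC 6528 construction (ISN = M + F(4-tuple, secret)) that avoids it, as an added example that is not part of the original thread or the NuttX source. The names `isn_counter_model`, `isn_rfc6528` and `struct conn4`, and the choice of SipHash-2-4 as the keyed function F, are assumptions of the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Model of the behaviour reported in the issue (hypothetical names, not the
 * NuttX source): the counter starts at 0 and each call just increments it. */
static uint32_t g_seq_model = 0;
uint32_t isn_counter_model(void) { return ++g_seq_model; }

#define ROTL(x, b) (((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); } while (0)

/* Load 8 bytes as a little-endian 64-bit word. */
static uint64_t le64(const uint8_t *p) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

/* SipHash-2-4, used here as the keyed function F (an assumption of this example). */
uint64_t siphash24(const uint8_t *in, size_t len, const uint8_t key[16]) {
    uint64_t k0 = le64(key), k1 = le64(key + 8), m;
    uint64_t v0 = 0x736f6d6570736575ULL ^ k0, v1 = 0x646f72616e646f6dULL ^ k1;
    uint64_t v2 = 0x6c7967656e657261ULL ^ k0, v3 = 0x7465646279746573ULL ^ k1;
    uint64_t last = (uint64_t)len << 56;      /* length goes in the top byte */
    for (; len >= 8; in += 8, len -= 8) {
        m = le64(in); v3 ^= m; SIPROUND; SIPROUND; v0 ^= m;
    }
    for (size_t i = 0; i < len; i++) last |= (uint64_t)in[i] << (8 * i);
    v3 ^= last; SIPROUND; SIPROUND; v0 ^= last;
    v2 ^= 0xff; SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

struct conn4 { uint32_t laddr, raddr; uint16_t lport, rport; };

/* RFC 6528: ISN = M + F(4-tuple, secret). `timer_4us` is M, a counter that
 * ticks every 4 microseconds; `key` must come from the platform RNG at boot. */
uint32_t isn_rfc6528(const struct conn4 *c, const uint8_t key[16], uint32_t timer_4us) {
    uint8_t buf[12];
    memcpy(buf, &c->laddr, 4);      memcpy(buf + 4, &c->raddr, 4);
    memcpy(buf + 8, &c->lport, 2);  memcpy(buf + 10, &c->rport, 2);
    return timer_4us + (uint32_t)siphash24(buf, sizeof buf, key);
}
```

With the counter model, one observed ISN gives the next one; with the keyed construction, an observer of one connection's ISN learns nothing useful about another 4-tuple's ISN unless the boot-time key leaks.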



[GitHub] [incubator-nuttx] btashton commented on issue #2839: NUMBER:JACK - Improper generation of Initial Sequence Number in TCP stack

Posted by GitBox <gi...@apache.org>.
btashton commented on issue #2839:
URL: https://github.com/apache/incubator-nuttx/issues/2839#issuecomment-777046906


   In the future, please report security issues in line with our reporting policy so we can evaluate them responsibly.
   
   https://www.github.com/apache/incubator-nuttx/tree/master/.github%2FSECURITY.md
   
   

