IBM Support

IV42072: SYSTEM HANG W/ BAD PACKET - AIX INET VULNERABILITY CVE-2013-3035 APPLIES TO AIX 6100-07

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • One of the CPUs can have stack similar to this at the
    time of hang.
    
    --- CPU #3 ---
    pvthread+001800 STACK:
    [0463EA0C]netinet:flags6_passq+00010C (F1000A002194FB10,
    0000000000000000, 0000000000000000, F1000A002194F858,
    F1000A002194F852, F1000A002194F851, F1000A002194F860,
    F1000A002194F9D0 [??])
    [0463F478]netinet:check6_pkt+0000F8 (??, ??, ??)
    [04683F68]netinet:opt6_mls_input+000088 (??, ??, ??, ??)
    [04683710]netinet:hd6_inoptions+0000B0 (??, ??, ??)
    [0467EB14]netinet:hop6_input+000234 (??, ??, ??, ??)
    [04681714]netinet:ip6_input+0007D4 (F1000E0000160000,
    F1000A002194FC40)
    [0460CE70]netinet:ipintr_noqueue_post_fw+001870
    (F1000A1005DE0D50,
    ....
    

Local fix

Problem summary

  • If a malformed IPv6 packet is sent to a AIX machine, the AIX
    machine can hang while processing that packet. One of the CPUs
    can have stack similar to this at the time of hang.
    
    --- CPU #3 ---
    pvthread+001800 STACK:
     0463EA0C netinet:flags6_passq+00010C (F1000A002194FB10,
    0000000000000000, 0000000000000000, F1000A002194F858,
    F1000A002194F852, F1000A002194F851, F1000A002194F860,
    F1000A002194F9D0  ?? )
     0463F478 netinet:check6_pkt+0000F8 (??, ??, ??)
     04683F68 netinet:opt6_mls_input+000088 (??, ??, ??, ??)
     04683710 netinet:hd6_inoptions+0000B0 (??, ??, ??)
     0467EB14 netinet:hop6_input+000234 (??, ??, ??, ??)
     04681714 netinet:ip6_input+0007D4 (F1000E0000160000,
    F1000A002194FC40)
     0460CE70 netinet:ipintr_noqueue_post_fw+001870
    (F1000A1005DE0D50,
    ....
    

Problem conclusion

  • Added some checks in AIX IPV6 code to avoid a possible infinite
    loop when processing IPV6 packets.
    

Temporary fix

Comments

  • 6100-06 - use AIX APAR IV37925
    6100-07 - use AIX APAR IV42072
    6100-08 - use AIX APAR IV42124
    7100-00 - use AIX APAR IV42264
    7100-01 - use AIX APAR IV42229
    7100-02 - use AIX APAR IV42095
    

APAR Information

  • APAR number

    IV42072

  • Reported component name

    AIX 610 STD EDI

  • Reported component ID

    5765G6200

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2013-05-08

  • Closed date

    2013-05-08

  • Last modified date

    2013-11-24

  • APAR is sysrouted FROM one or more of the following:

    IV37925

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX 610 STD EDI

  • Fixed component ID

    5765G6200

Applicable component levels

  • R610 PSY U857721

       UP13/08/02 I 1000

PTF to Fileset Mapping

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSMV87","label":"AIX 6.1 Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSMVAX","label":"AIX Express Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSAUMY","label":"IBM AIX Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG11Q","label":"AIX 6.1 HIPERS, APARs and Fixes"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
24 November 2013