IV42124: SYSTEM HANG W/ BAD PACKET - AIX INET VULNERABILITY CVE-2013-3035 APPLIES TO AIX 6100-08

A fix is available

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • One of the CPUs can have stack similar to this at the
    time of hang.
    
    --- CPU #3 ---
    pvthread+001800 STACK:
    [0463EA0C]netinet:flags6_passq+00010C (F1000A002194FB10,
    0000000000000000, 0000000000000000, F1000A002194F858,
    F1000A002194F852, F1000A002194F851, F1000A002194F860,
    F1000A002194F9D0 [??])
    [0463F478]netinet:check6_pkt+0000F8 (??, ??, ??)
    [04683F68]netinet:opt6_mls_input+000088 (??, ??, ??, ??)
    [04683710]netinet:hd6_inoptions+0000B0 (??, ??, ??)
    [0467EB14]netinet:hop6_input+000234 (??, ??, ??, ??)
    [04681714]netinet:ip6_input+0007D4 (F1000E0000160000,
    F1000A002194FC40)
    [0460CE70]netinet:ipintr_noqueue_post_fw+001870
    (F1000A1005DE0D50,
    ....
    

Local fix

Problem summary

  • If a malformed IPv6 packet is sent to a AIX machine, the AIX
    machine can hang while processing that packet. One of the CPUs
    can have stack similar to this at the time of hang.
    
    --- CPU #3 ---
    pvthread+001800 STACK:
     0463EA0C netinet:flags6_passq+00010C (F1000A002194FB10,
    0000000000000000, 0000000000000000, F1000A002194F858,
    F1000A002194F852, F1000A002194F851, F1000A002194F860,
    F1000A002194F9D0  ?? )
     0463F478 netinet:check6_pkt+0000F8 (??, ??, ??)
     04683F68 netinet:opt6_mls_input+000088 (??, ??, ??, ??)
     04683710 netinet:hd6_inoptions+0000B0 (??, ??, ??)
     0467EB14 netinet:hop6_input+000234 (??, ??, ??, ??)
     04681714 netinet:ip6_input+0007D4 (F1000E0000160000,
    F1000A002194FC40)
     0460CE70 netinet:ipintr_noqueue_post_fw+001870
    (F1000A1005DE0D50,
    ....
    

Problem conclusion

  • Added some checks in AIX IPV6 code to avoid a possible infinite
    loop when processing IPV6 packets.
    

Temporary fix

Comments

  • 6100-06 - use AIX APAR IV37925
    6100-07 - use AIX APAR IV42072
    6100-08 - use AIX APAR IV42124
    7100-00 - use AIX APAR IV42264
    7100-01 - use AIX APAR IV42229
    7100-02 - use AIX APAR IV42095
    

APAR Information

  • APAR number

    IV42124

  • Reported component name

    AIX 610 STD EDI

  • Reported component ID

    5765G6200

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2013-05-08

  • Closed date

    2013-05-08

  • Last modified date

    2013-11-24

  • APAR is sysrouted FROM one or more of the following:

    IV37925

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX 610 STD EDI

  • Fixed component ID

    5765G6200

Applicable component levels

  • R610 PSY U855964

       UP13/08/02 I 1000

PTF to Fileset Mapping



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

AIX Enterprise Edition

Software version:

610

Operating system(s):

AIX

Reference #:

IV42124

Modified date:

2013-11-24

Translate my page

Machine Translation

Content navigation