James Knott wrote:

On 2019-12-06 02:37 PM, Dave Howorth wrote:

...

On Fri, 6 Dec 2019 13:21:10 -0500 James Knott <james.knott@jknott.net> wrote:

...

Does this affect openSUSE?

https://threatpost.com/linux-bug-vpns-hijacking/150891/ I was wondering that too. Not that I use a VPN yet. But is the reason openSUSE not on the list because it isn't vulnerable, or just because it hasn't been tested yet? And if it is vulnerable, which versions?

I use it occasionally, connected to a pfSense firewall, which is based on FreeBSD.  My understanding, from what I read elsewhere, is that's it's a really limited vulnerability, requiring just the right situation to exploit.

It seems the attack vector only exists when you have set rp_filtering to "loose", which I believe is a "2". There are reasons for doing that, I'm sure I have it set somewhere, I just cannot remember where. -- Per Jessen, Zürich (5.9°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org

On 2019-12-06 02:44 PM, Roger Whittaker wrote:

On Fri, Dec 06, 2019 at 01:21:10PM -0500, James Knott wrote:

...

Does this affect openSUSE?

...

https://threatpost.com/linux-bug-vpns-hijacking/150891/ See:

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-14899

It appears I'm safe.  cat /proc/sys/net/ipv4/conf/all/rp_filter 1 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org

On 2019-12-06 03:43 PM, Dave Howorth wrote:

...

It appears I'm safe.  cat /proc/sys/net/ipv4/conf/all/rp_filter 1 Right, me too but it's only recent systemd that sets it to another value by default so maybe I'll be exposed if I upgrade? ...

It's 1 on both 15.0 and 15.1. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org