Patch-ID# 100567-02
Keywords: icmp redirects, security, ip_icmp, icmp_error, m_free, panic, mbuf, mfreem
Synopsis: SunOS 4.1,4.1.1,4.1.2: mfree panic due to mbuf being freed twice, icmp redirects can be used to make a host drop connections
Date: 13/Jul/92

SunOS Release: 4.1,4.1.1,4.1.2

Topic: mfree and icmp redirect security patch for ip_icmp.o

BugID's fixed with this patch: 1087460 1093937

Architectures for which this patch is available: sun3 sun4

Patches which may conflict with this patch:

Obsolete By:

Problem Description:

BUGID 1087460:  We free the same mbuf a second time.  This causes the mfree 
panic. Fixed in -01 version

BUGID 1093937: The current fix will make your networked systems more 
resistant to attacks based on the spoofing of icmp messages, but may not 
prevent all forms of such attacks.

INSTALL:

As root:

mv /sys/`arch -k`/OBJ/ip_icmp.o /sys/`arch -k`/OBJ/ip_icmp.o.fcs
cp `arch`/ip_icmp.o /sys/`arch -k`/OBJ

A new kernel will need to be made and installed.
Please refer to the system and networking administration manual
for details on building and installing a new kernel.


