[AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik

Matt Hare matt at spiderwebsolutions.com.au
Tue Apr 2 10:57:47 EST 2019


New beta released appears to address the memory issue that caused the
watchdog reboot. A MikroTik trainer has tested locally and it appears to
mitigate a reboot during an attack. If this is indeed the fix hopefully it
moves to stable and bugfix only branches soon.

*What's new in 6.45beta23 (2019-Apr-01 05:51):*

*MAJOR CHANGES IN v6.45:*
*----------------------*
*!) ipv6 - fixed soft lockup when forwarding IPv6 packets;*
*!) ipv6 - fixed soft lockup when processing large IPv6 Neighbor table;*
*---------------------- *

*Changes in this release:*

**) ipsec - properly drop already established tunnel when address change
detected;*
**) ipv6 - adjust IPv6 route cache max size based on total RAM memory;*
**) smb - fixed possible buffer overflow;*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20190402/3f5d9bdb/attachment.html>


More information about the AusNOG mailing list