[AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik
Philip Loenneker
Philip.Loenneker at tasmanet.com.au
Sat Mar 30 09:47:52 EST 2019
Unfortunately this apparently fixes 2x softlock issues, but not a memory leak that results in a reboot of the device.
You can read from here on to see more information:
https://forum.mikrotik.com/viewtopic.php?f=2&t=147048#p723977
Regards,
Philip Loenneker | Network Engineer | TasmaNet
From: AusNOG <ausnog-bounces at lists.ausnog.net> On Behalf Of Shane Clay
Sent: Friday, 29 March 2019 10:08 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik
Looks like a fix is on the way:
What's new in 6.45beta22 (2019-Mar-29 08:37):
Changes in this release:
!) ipv6 - fixed soft lockup when forwarding IPv6 packets (CVE-2018-19299);
!) ipv6 - fixed soft lockup when processing large IPv6 Neighbor table (CVE-2018-19298);
https://mikrotik.com/download/changelogs/testing-release-tree
Shane Clay
Caznet
From: AusNOG <ausnog-bounces at lists.ausnog.net> On Behalf Of Noel Butler
Sent: Friday, 29 March 2019 12:02 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik
On 29/03/2019 11:17, Mike Everest wrote:
On the point of "the fix is in v7"
v7 has for a great many years, been code for "too hard basket"
--
Kind Regards,
Noel Butler
This Email, including any attachments, may contain legally privileged information, therefore remains confidential and subject to copyright protected under international law. You may not disseminate, discuss, or reveal, any part, to anyone, without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments, immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message. Only PDF<http://www.adobe.com/> and ODF<http://en.wikipedia.org/wiki/OpenDocument> documents accepted, please do not send proprietary formatted documents
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20190329/9db0a5f3/attachment.html>
More information about the AusNOG
mailing list