Re: FreeBSD Security Advisory FreeBSD-SA-25:09.netinet
0 views
Skip to first unread message
mike tancsa
Oct 22, 2025, 1:23:22 PMOct 22
to FreeBSD Questions
On 10/22/2025 1:03 PM, FreeBSD Security Advisories wrote:
> III. Impact
>
> Software which sets SO_REUSEPORT_LB on a socket and then connects it
> to a host
> will not observe any problems. However, due to its membership in a
> load-balancing group, that socket will receive packets originating
> from any
> host. This breaks the contract of the connect(2) and implied connect via
> sendto(2), and may leave the application vulnerable to spoofing attacks.
>
Trying to better understand the impact of this bug. Am I right to read
that an attacker needs local access first ? What would the common apps
be that would be at issue ? Looks like unbound is one. I dont see
apache24 reference SO_REUSEPORT_LB.
eg.
1{r-14mfitest}# pwd
/usr/ports/www/apache24
0{r-14mfitest}# make extract
0{r-14mfitest}# find . -type f | xargs grep SO_REUSEPORT_LB
1{r-14mfitest}#
would it be vulnerable in a dependent lib perhaps ?
---Mike
> III. Impact
>
> Software which sets SO_REUSEPORT_LB on a socket and then connects it
> to a host
> will not observe any problems. However, due to its membership in a
> load-balancing group, that socket will receive packets originating
> from any
> host. This breaks the contract of the connect(2) and implied connect via
> sendto(2), and may leave the application vulnerable to spoofing attacks.
>
Trying to better understand the impact of this bug. Am I right to read
that an attacker needs local access first ? What would the common apps
be that would be at issue ? Looks like unbound is one. I dont see
apache24 reference SO_REUSEPORT_LB.
eg.
1{r-14mfitest}# pwd
/usr/ports/www/apache24
0{r-14mfitest}# make extract
0{r-14mfitest}# find . -type f | xargs grep SO_REUSEPORT_LB
1{r-14mfitest}#
would it be vulnerable in a dependent lib perhaps ?
---Mike
Reply all
Reply to author
Forward
0 new messages