Re: [lvs-users] TCP sequence number vulnerabilities

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] TCP sequence number vulnerabilities
From: Graeme Fowler <graeme@xxxxxxxxxxx>
Date: Wed, 10 Jul 2013 11:39:51 +0100
On 9 Jul 2013, at 16:22, Edgar Danielyan <edd@xxxxxxxxxxxxx> wrote:
> Could someone confirm if the following issues have been addressed in
> LVS and if so what version(s)?
> Linux Kernel TCP Sequence Number Generation Security Weakness - CVE-2011-3188
> TCP/IP Sequence Prediction Blind Reset Spoofing DoS - CVE-2004-0230

I could be wrong (it's happened before) but these were fixed in the Liux 
kernel's IP stack some time ago. As LVS/IPVS sits atop that, is there anything 
to be addressed here?

Please read the documentation before posting - it's available at: mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to

<Prev in Thread] Current Thread [Next in Thread>