Patch-ID# 102010-06
Keywords: security denial getsockopt RESET trap leak bus TCP SYN
Synopsis: SunOS 4.1.3_U1: TCP Interface Patch
Date: Jan/13/98

Solaris Release: 1.1.1

SunOS Release: 4.1.3_U1

Unbundled Product: 

Unbundled Release: 

Relevant Architectures: sun4(all)

BugId's fixed with this patch: 4041410 1182957 1097784 1077939 1062394 1185571 1199120 1053503 1151988 1071377 1170239 4094997

Changes incorporated in this version: 4094997

Patches accumulated and obsoleted by this patch: 101790-01

Patches required with this patch:

Patches which conflict with this patch: 

Obsoleted by: 

Files included with this patch: ip_output.o
				tcp_usrreq.o
				tcp_timer.o
				tcp_input.o
				tcp_output.o

Problem Description: 

-01 & -02 rev:
    1199120
        TCP connections do not reset correctly after crash-restart

    1053503
        Under certain conditions the tcp code gets in a loop
        and continuously sends acks, when using the loopback
        interface this freezes the system.

    1151988
        System panic in tcp_respond()

    1071377
        sigio was not being generated properly when tcp sockets were used

    1170239
        Exponential backoff timer not reset
-03 Rev:
    1097784 
	TCP "reset"s can cause an mbuf leak, resulting in mbuf map full

    1077939
	If an application does a getsockopt() on a SOCK_STREAM (TCP) socket
	after the other side of the connection has sent a TCP RESET for
	the stream, the kernel gets a Bus Trap in the tcp_ctloutput() or
	ip_ctloutput() routine.

    1062394
	A TCP RESET will be sent if the application does a write() to
	the socket after the other side of the connection has closed
	the socket (causing the remote end to be in FIN_WAIT_2 state,
	and the local end to be in CLOSE_WAIT state).

    1185571
	System table file entry leaking for socket

-04 Rev:
    1182957
	SYN attack may cause TCP denial of service

-05 Rev:
    4041410 
       rcp connection can be incorrectly reset by 2.X peer

-06 Rev:
    4094997
       SunOS 4.x is vulnerable to land.c attack


Patch Installation Instructions: 

1) As root, save a copy of files to be patched:

mv /sys/`arch -k`/OBJ/tcp_usrreq.o /sys/`arch -k`/OBJ/tcp_usrreq.o.FCS
mv /sys/`arch -k`/OBJ/ip_output.o  /sys/`arch -k`/OBJ/ip_output.o.FCS
mv /sys/`arch -k`/OBJ/tcp_timer.o  /sys/`arch -k`/OBJ/tcp_timer.o.FCS 
mv /sys/`arch -k`/OBJ/tcp_input.o  /sys/`arch -k`/OBJ/tcp_input.o.FCS 
mv /sys/`arch -k`/OBJ/tcp_output.o  /sys/`arch -k`/OBJ/tcp_output.o.FCS 

2) Install the patched files and set permissions:

cp `arch -k`/tcp_usrreq.o /sys/`arch -k`/OBJ
cp `arch -k`/ip_output.o /sys/`arch -k`/OBJ
cp `arch -k`/tcp_timer.o /sys/`arch -k`/OBJ
cp `arch -k`/tcp_input.o /sys/`arch -k`/OBJ
cp `arch -k`/tcp_output.o /sys/`arch -k`/OBJ

chmod 444 /sys/`arch -k`/OBJ/tcp_*.o
chmod 444 /sys/`arch -k`/OBJ/ip_output.o

3) Rebuild the new kernel.
   Please refer to the System and Network Administration manual
   for details on building and installing a new kernel.
