From 71686dde4b636f721d16e051d0bb6e1e64360000 Mon Sep 17 00:00:00 2001 From: Jukka Rissanen Date: Thu, 28 May 2020 14:33:00 +0300 Subject: [PATCH] net: ipv6: Do not add same prefix multiple times to timer list Make sure that we do not add same IPv6 prefix, received from RA, multiple times to prefix timer list. This avoids possible denial-of-service issue if we receive suitably crafted RA packet. Fixes #25698 Signed-off-by: Jukka Rissanen --- subsys/net/ip/net_if.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/subsys/net/ip/net_if.c b/subsys/net/ip/net_if.c index c26142447eb..1462e346282 100644 --- a/subsys/net/ip/net_if.c +++ b/subsys/net/ip/net_if.c @@ -1921,6 +1921,8 @@ static void prefix_start_timer(struct net_if_ipv6_prefix *ifprefix, { u64_t expire_timeout = (u64_t)MSEC_PER_SEC * (u64_t)lifetime; + (void)sys_slist_find_and_remove(&active_prefix_lifetime_timers, + &ifprefix->lifetime.node); sys_slist_append(&active_prefix_lifetime_timers, &ifprefix->lifetime.node);