Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Net Tile: ARP Table Size Error Ignored #2357

Open
0x0ece opened this issue Jul 9, 2024 · 1 comment
Open

Net Tile: ARP Table Size Error Ignored #2357

0x0ece opened this issue Jul 9, 2024 · 1 comment
Labels
atredis-2024 audit security Security relevant

Comments

@0x0ece
Copy link
Contributor

0x0ece commented Jul 9, 2024

https://github.com/firedancer-io/audits/blob/main/Atredis%20Partners%20-%20Firedancer%20v0.1%20Audit.pdf

Finding Overview

The ARP table stored by the Net tile cannot grow when the system's ARP table grows. If an attacker can fill the system ARP table (with valid entries or with pending entries), then the Net tile may lose access to physical addresses needed for normal communication. This may lead to degradation of communications and dropped packets.

Resolution

TODO
@ripatel-fd
Copy link
Contributor

If an attacker can fill the system ARP table (with valid entries or with pending entries)

IMO, the threat model should not include Ethernet ARP flood. Defending against ARP floods is the network administrator's job and cannot be done in pure software in Firedancer. The size of the ARP table should be specified by the user (or a config default) ahead of time and it should stay like that. Therefore, I vote to close this as "won't do".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
atredis-2024 audit security Security relevant
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@0x0ece @ripatel-fd