A New Model for Testing IPv6 Fragment Handling

TL;DR

This paper introduces a novel model for testing IPv6 fragmentation handling, focusing on modern OS reassembly strategies, to better evaluate security vulnerabilities related to overlapping fragments and compliance with RFC standards.

Contribution

The paper presents a new fragment reassembly model based on checksum properties, improving accuracy in assessing IPv6 fragmentation handling in modern operating systems.

Findings

IPv6 fragmentation remains a security threat

Modern OS reassembly policies differ from previous byte-based models

Many OS implementations do not fully comply with RFC 5722 and RFC 9099

Abstract

Since the origins of the Internet, various vulnerabilities exploiting the IP fragmentation process have plagued IPv4 protocol, many leading to a wide range of attacks. IPv6 modified the handling of fragmentations and introduced a specific extension header, not solving the related problems, as proved by extensive literature. One of the primary sources of problems has been the overlapping fragments, which result in unexpected or malicious packets when reassembled. To overcome the problem related to fragmentation, the authors of RFC 5722 decided that IPv6 hosts MUST silently drop overlapping fragments. Since then, several studies have proposed methodologies to check if IPv6 hosts accept overlapping fragments and are still vulnerable to related attacks. However, some of the above methodologies have not been proven complete or need to be more accurate. In this paper we propose a novel model to check IPv6 fragmentation handling specifically suited for the reassembling strategies of modern operating systems. Previous models, indeed, considered OS reassembly policy as byte-based. However, nowadays, reassembly policies are fragment-based, making previous models inadequate. Our model leverages the commutative property of the checksum, simplifying the whole assessing process. Starting with this new model, we were able to better evaluate the RFC-5722 and RFC-9099 compliance of modern operating systems against fragmentation handling. Our results suggest that IPv6 fragmentation can still be considered a threat and that more effort is needed to solve related security issues.