[Bug 289177] IPv6 temp address(es) with pltime=0 briefly loses deprecated on RA → OS may pick the old address as the source

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 23 Sep 2025 08:34:00 UTC 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=289177

--- Comment #9 from commit-hook@FreeBSD.org ---
A commit in branch stable/14 references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=586183128f2f04b84a9a564f83289963671f0ff2

commit 586183128f2f04b84a9a564f83289963671f0ff2
Author:     Andrey V. Elsukov <ae@FreeBSD.org>
AuthorDate: 2025-09-16 07:34:55 +0000
Commit:     Andrey V. Elsukov <ae@FreeBSD.org>
CommitDate: 2025-09-23 08:32:45 +0000

    IPv6: fix off-by-one in pltime and vltime expiration checks

    Previously, the macros used '>' instead of '>=' when comparing elapsed
    time against the preferred and valid lifetimes. This caused any deprecated
    address to become usable again for one extra second after receiving each
    Router Advertisement. In that short window, the address could be
    selected as a source for outgoing connections.

    Update the checks to use '>=' so that addresses are deprecated or
    invalid when their lifetime expires.

    PR:             289177
    Reported by:    Dmitry Nexus <fbsd.4f6a at nexus tel>
    Reviewed by:    zlei
    Submitted by:   Marek Zarychta
    Differential Revision:  https://reviews.freebsd.org/D52323

    (cherry picked from commit 588a5fad3e8b98955b60707e3e92b8b43566e3f7)

 sys/netinet6/in6.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.