Since the origins of the Internet, various vulnerabilities exploiting the IP fragmentation process have plagued IPv4 protocol, many leading to a wide range of attacks. IPv6 modified the handling of fragmentations and introduced a specific extension header, not solving the related problems, as proved by extensive literature. One of the primary sources of problems has been the overlapping fragments, which result in unexpected or malicious packets when reassembled. To overcome the problem related to fragmentation, the authors of RFC 5722 decided that IPv6 hosts MUST silently drop overlapping fragments. Since then, several studies have proposed methodologies to check if IPv6 hosts accept overlapping fragments and are still vulnerable to related attacks. However, some of the above methodologies have not been proven complete or need to be more accurate. In this paper we propose a novel model to check IPv6 fragmentation handling specifically suited for the reassembling strategies of modern operating systems. Previous models, indeed, considered OS reassembly policy as byte-based. However, nowadays, reassembly policies are fragment-based, making previous models inadequate. Our model leverages the commutative property of the checksum, simplifying the whole assessing process. Starting with this new model, we were able to better evaluate the RFC-5722 and RFC-9099 compliance of modern operating systems against fragmentation handling. Our results suggest that IPv6 fragmentation can still be considered a threat and that more effort is needed to solve related security issues.

翻译：自互联网诞生以来，利用IP分片过程的各种漏洞一直困扰着IPv4协议，其中许多漏洞导致了广泛的攻击。IPv6修改了分片处理方式并引入了特定的扩展头，但大量文献表明这并未解决相关问题。重叠分片问题一直是主要根源之一，这些分片在重组时会产生意外或恶意数据包。为解决与分片相关的问题，RFC 5722的作者规定IPv6主机必须静默丢弃重叠分片。此后，多项研究提出了测试IPv6主机是否接受重叠分片以及是否仍易受相关攻击的方法。然而，其中一些方法尚未被证明完备，或需要更精确。本文提出了一种新颖的模型，专门针对现代操作系统的重组策略来测试IPv6分片处理。此前的模型将操作系统的重组策略视为基于字节的，但如今的重组策略是基于分片的，这使得以往模型不再适用。我们的模型利用校验和的交换性质，简化了整个评估过程。基于这一新模型，我们得以更好地评估现代操作系统在分片处理方面对RFC 5722和RFC 9099的合规性。结果表明，IPv6分片仍可被视为一种威胁，且需要投入更多努力来解决相关的安全问题。