Since the origins of the Internet, various vulnerabilities exploiting the IP fragmentation process have plagued IPv4 protocol, many leading to a wide range of attacks. IPv6 modified the handling of fragmentations and introduced a specific extension header, not solving the related problems, as proved by extensive literature. One of the primary sources of problems has been the overlapping fragments, which result in unexpected or malicious packets when reassembled. To overcome the problem related to fragmentation, the authors of RFC 5722 decided that IPv6 hosts MUST silently drop overlapping fragments. Since then, several studies have proposed methodologies to check if IPv6 hosts accept overlapping fragments and are still vulnerable to related attacks. However, some of the above methodologies have not been proven complete or need to be more accurate. In this paper we propose a novel model to check IPv6 fragmentation handling specifically suited for the reassembling strategies of modern operating systems. Previous models, indeed, considered OS reassembly policy as byte-based. However, nowadays, reassembly policies are fragment-based, making previous models inadequate. Our model leverages the commutative property of the checksum, simplifying the whole assessing process. Starting with this new model, we were able to better evaluate the RFC-5722 and RFC-9099 compliance of modern operating systems against fragmentation handling. Our results suggest that IPv6 fragmentation can still be considered a threat and that more effort is needed to solve related security issues.

翻译：自互联网起源以来，利用IP分片过程的各种漏洞一直困扰着IPv4协议，其中许多漏洞导致了广泛的攻击。IPv6修改了分片处理方式并引入了特定的扩展头，但并未解决相关问题，这一点已有大量文献证实。问题的主要根源之一是分片重叠，这会在重组时产生意外或恶意的数据包。为克服与分片相关的问题，RFC 5722的作者规定IPv6主机必须静默丢弃重叠分片。此后，多项研究提出了检测IPv6主机是否接受重叠分片并仍易受相关攻击的方法。然而，其中一些方法尚未被证明是完整的，或需要更精确的改进。本文提出了一种新颖的模型，专门用于测试IPv6分片处理，尤其适用于现代操作系统的重组策略。以往的模型将操作系统的重组策略视为基于字节的，而如今的重组策略是基于分片的，这使得先前的模型不再适用。我们的模型利用了校验和的交换性质，简化了整个评估过程。基于这一新模型，我们能够更有效地评估现代操作系统在分片处理方面对RFC 5722和RFC 9099的符合性。研究结果表明，IPv6分片仍可被视为一种威胁，需要付出更多努力来解决相关的安全问题。