sneaky ICMP smuggling (20250427)

Exploiting Cross-Layer Vulnerabilities: Off-Path Attacks on the TCP/IP Protocol Suite | Communications of the ACM

this was a fascinating read. i’ve really kept ICMP and TCP in different bins in my brain. however, there are some novel means for exploiting the smuggling of header info in ICMP messages to tickle TCP session behaviors when the attacker is out of the path.

well worth the read.