Slashdot Mirror

← Back to Stories (view on slashdot.org)

FreeBSD Kernel Leak

Posted by Hemos on from the batten-the-hatches dept.

Pine Digital Security announced a FreeBSD kernel leak, found when auditing a customer. The leak can be exploited to panic the server or elevate privileges. FreeBSD swiftly updated CVS, a security advisory will probably follow. Both the -RELEASE branch and -CURRENT branch are vulnerable.

3 of 81 comments (clear)

  1. Re:Zealots... by Nickus · · Score: 3, Interesting

    Why would this be a big blow? It was a big problem when the latest OpenSSH bug came along. Or when Sun had a problem with NIS (I administrate multiple platforms and around 50 servers by now). It is just another security problem and in a few months we will see another one. Who cares what platforms it is. You compile, install and go on with your life.

  2. Re:Key Phrase by xA40D · · Score: 3, Interesting

    "FreeBSD swiftly updated CVS"

    I love open-source.

    Indeed.

    I use FreeBSD_STABLE, I cvsup and recompile once a month. As the STABLE branch is "not vulnerable after 20021111" I'm happy to say I'd closed this particular hole 2 weeks before the FreeBSD authorities team had been informed of it's existance.

    --
    Do you mind, your karma has just run over my dogma.
  3. Re:Rackspace by R.Caley · · Score: 3, Interesting
    Is this the reason that Rackspace would not let me use FreeBSD on their network 6 months ago?

    The less cynical interpretation is that they don't have the support smarts to support FBSD.

    The cynic in me suggests they have a deal with Red Hat.

    --
    _O_
    .|<     The named which can be named is not the true named