Slashdot Mirror

← Back to Stories (view on slashdot.org)

FreeBSD security Advisories: FreeBSD-SA-03:09.sign

Posted by Hemos on from the alert-alert-alert dept.

Dan writes "FreeBSD security team has released two new advisories. The first advisory entitled "Insufficient range checking of signal numbers" could allow a malicious local user to use this vulnerability as a local denial-of-service attack. The second advisory "Kernel memory disclosure via ibcs2" could allow a malicious user to call the iBCS2 version of statfs(2) with an arbitrarily large length parameter, causing the kernel to return a large portion of kernel memory containing sensitive information."

2 of 78 comments (clear)

  1. Malloc(sizeof(ram.total) - sizeof(ram.used)); by mnmn · · Score: 2, Interesting

    I wouldnt worry about ibcs, always compile a kernel without it(and other binary compatibilities) for real usage. The statfs problem looks real and worrisome though. We've seen too many of similar problems where a user grabs large memory and reads the sensitive data.

    I wonder if a C-reading script could read all the source code and mark all the big mallocs/reallocs that users get access to.

    --
    "Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
    1. Re:Malloc(sizeof(ram.total) - sizeof(ram.used)); by phoenix_rizzen · · Score: 2, Interesting

      How does one disable the building of kernel modules? I've only ever seen the NO_MODULES_WITH_WORLD knob, but nothing to completely disable the building of modules.