Security Updates for FreeBSD
The FreeBSD developers have released updates for the free operating system to address three vulnerabilities. These vulnerabilities include an error checking permissions when processing the SIOCSIFINFO_IN6 ioctl, used for configuring IPv6 interfaces, which can lead to the entire interface crashing.
Another bug in the handling of anonymous pipes can cause the reading of memory pages by an unprivileged process, including those owned by other processes or the kernel. The other update is for the well known bug in the ntpd time protocol service.
See also:
- Local information disclosure via direct pipe writes
- Missing permission check on SIOCSIFINFO_IN6 ioctl
- ntpd stack-based buffer-overflow vulnerability
(djwm)