In association with heise online

05 October 2009, 12:34

FreeBSD security update

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

FreeBSD The FreeBSD developers have released new updates to their operating system to close three vulnerabilities. Users with restricted privileges can reportedly exploit all three holes to elevate their privileges. One of the vulnerabilities is caused by a design flaw recently also discovered and fixed in the kernel. It allows programming flaws to cause a NULL pointer dereference. A function pointer will in this case point to the (virtual) address 0, which is allocated to userland. This enables users to execute code at kernel privilege level.

To fix this problem, in the new versions the FreeBSD developers have introduced a function that prevents users from mapping code to address 0. However, this functions is disabled by default in versions 6.x and 7.x and has to be activated by setting the security.bsd.map_at_zero to 0 (using sysctl). In the forthcoming version 8, the function is to be enabled by default.

The other two flaws involve race conditions in the virtual file system (in 7.x and 6.x) and pipe issues (in 6.x) that can be exploited to dereference Null pointers. In addition to the updates, the developers have also provided source code patches.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit