diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-EN-14:05.ciss.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-EN-14:05.ciss.asc | 127 |
1 files changed, 127 insertions, 0 deletions
diff --git a/share/security/advisories/FreeBSD-EN-14:05.ciss.asc b/share/security/advisories/FreeBSD-EN-14:05.ciss.asc new file mode 100644 index 0000000000..adffc814a5 --- /dev/null +++ b/share/security/advisories/FreeBSD-EN-14:05.ciss.asc @@ -0,0 +1,127 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:05.ciss Errata Notice + The FreeBSD Project + +Topic: data corruption with ciss(4) + +Category: core +Module: ciss +Announced: 2014-05-13 +Credits: Sean Bruno +Affects: FreeBSD 10.x and FreeBSD 9.x +Corrected: 2014-04-15 17:52:22 UTC (stable/9, 9.2-STABLE) + 2014-05-13 23:24:14 UTC (releng/9.2, 9.2-RELEASE-p6) + 2014-05-13 23:24:14 UTC (releng/9.1, 9.1-RELEASE-p13) + 2014-04-15 17:49:47 UTC (stable/10, 10.0-STABLE) + 2014-05-13 23:22:28 UTC (releng/10.0, 10.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:http://security.freebsd.org/>. + +I. Background + +The ciss driver supports HP Smart Array line of hardware RAID controllers. + +II. Problem Description + +There is a programming error discovered in the ciss(4) driver, where a missing +lock can trigger a failed assertion when the volume state changes, such as +disk failure or a disk rebuild. + +III. Impact + +Systems using the ciss(4) driver may experience system crashes or data +corruption when the volume state change. + +IV. Workaround + +No workaround is available, but systems that do not use ciss(4) devices are +not affected. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/EN-14:05/ciss.patch +# fetch http://security.FreeBSD.org/patches/EN-14:05/ciss.patch.asc +# gpg --verify ciss-10.patch.asc + +b) Apply the patch. + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/9/ r264511 +releng/9.1/ r265988 +releng/9.2/ r265988 +stable/10/ r264510 +releng/10.0/ r265987 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:05.ciss.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTcq5IAAoJEO1n7NZdz2rnNqAQAJCfdCBubWSDRO/dsSaqK6yT +bnPY4Xly523ABRCQySe0vajSIK1qqfE0bAmhYa/7BTMqyJKz0BRhx819D8SiWNS9 +Hdy4yU/hOjBkbT6KAtpBaSUNXX4ODWaNbd78c+uDSvj9UeQgrunAQC7OJR6iYWuq +25fBUXgovSr4g9puNyBs8sH+c7IzbG4HvhoPrjRDwdasEyCBzx6RggpnxusfVsd9 +91Eg/WPG3hIJW6kaHOWWeVwz4vCRZjv0u7myeJBcAa7gcwDX/J2DHeDrG60O3BNY +/fZT2UcfDxE0rEVuVnV3Vc0XkIQjuNk7G9SkGjH4Zdx+I34UT05cxU5ZrdpKNiGL +fjbo4H/KBML4agRGAPzeo3KU3rxOUmss+mh7Mu+CVoZP5uQUr1sEUkfQ+FkJjjbv +es47Ij6ZmfGyUPuVKVCW34bXm6Ieyc0QZ10kRv8paOmPsWBA+WYWGibEhvwp5v0p +AHdlGGO/FpOac4h/YEqOh6ryN8QldjCI+SCqkfs38DjeTX5IWecgax586oH7BpJm +RGc/fgx3YSO8tmMaTwKZm5VVlujsld6t95XrA2dGWOhiWcRsoWGs+SaUTNf5Y0Te +k2vD7tMsk37PG4jbp7pk4FH2Mfb9KRHe82ebdOnkOj4C5kWIB8FwYJyMIjDl3C4r +OdXZDrbyKh/swjJZJIuP +=orSF +-----END PGP SIGNATURE----- |