diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-EN-16:08.zfs.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-EN-16:08.zfs.asc | 137 |
1 files changed, 0 insertions, 137 deletions
diff --git a/share/security/advisories/FreeBSD-EN-16:08.zfs.asc b/share/security/advisories/FreeBSD-EN-16:08.zfs.asc deleted file mode 100644 index 427da72348..0000000000 --- a/share/security/advisories/FreeBSD-EN-16:08.zfs.asc +++ /dev/null @@ -1,137 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -============================================================================= -FreeBSD-EN-16:08.zfs Errata Notice - The FreeBSD Project - -Topic: Memory leak in ZFS - -Category: contrib -Module: zfs -Announced: 2016-05-04 -Credits: Eric Borisch -Affects: All supported versions of FreeBSD. -Corrected: 2016-03-18 13:32:00 UTC (stable/10, 10.3-STABLE) - 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2) - 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16) - 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33) - 2016-03-18 13:32:37 UTC (stable/9, 9.3-STABLE) - 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41) - -For general information regarding FreeBSD Errata Notices and Security -Advisories, including descriptions of the fields above, security -branches, and the following sections, please visit -<URL:https://security.FreeBSD.org/>. - -I. Background - -ZFS is one of several filesystems available on FreeBSD. ZFS supports many -advanced features, including snapshots, which provides a frozen read-only -image of file system at a given time. - -File system snapshots can be accessed under the .zfs/snapshot directory -in the root of the file system. - -II. Problem Description - -There is a memory leak in the error path when mounting a snapshot via the -automatic .zfs/snapshot directory, which can be triggered when the snapshot -was once mounted, but later deleted by the system administrator. - -III. Impact - -A local user may be able to trigger the memory leak multiple times and -eventually exhaust kernel memory, if the user knows a snapshot and access -it before the system administrator deletes it. - -IV. Workaround - -No workaround is available, but systems that do not use ZFS snapshots are -not affected. - -V. Solution - -Perform one of the following: - -1) Upgrade your system to a supported FreeBSD stable or release / security -branch (releng) dated after the correction date. - -Reboot is required. - -2) To update your system via a binary patch: - -Systems running a RELEASE version of FreeBSD on the i386 or amd64 -platforms can be updated via the freebsd-update(8) utility: - -# freebsd-update fetch -# freebsd-update install - -Reboot is required. - -3) To update your system via a source code patch: - -The following patches have been verified to apply to the applicable -FreeBSD release branches. - -a) Download the relevant patch from the location below, and verify the -detached PGP signature using your PGP utility. - -# fetch https://security.FreeBSD.org/patches/EN-16:08/zfs.patch -# fetch https://security.FreeBSD.org/patches/EN-16:08/zfs.patch.asc -# gpg --verify zfs.patch.asc - -b) Apply the patch. Execute the following commands as root: - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile your kernel as described in -<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the -system. - -VI. Correction details - -The following list contains the correction revision numbers for each -affected branch. - -Branch/path Revision -- ------------------------------------------------------------------------- -stable/9/ r297022 -releng/9.3/ r299068 -stable/10/ r297021 -releng/10.1/ r299068 -releng/10.2/ r299067 -releng/10.3/ r299066 -- ------------------------------------------------------------------------- - -To see which files were modified by a particular revision, run the -following command, replacing NNNNNN with the revision number, on a -machine with Subversion installed: - -# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base - -Or visit the following URL, replacing NNNNNN with the revision number: - -<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> - -VII. References - -The latest revision of this advisory is available at -<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-16:08.zfs.asc> ------BEGIN PGP SIGNATURE----- - -iQIcBAEBCgAGBQJXKk4dAAoJEO1n7NZdz2rnscQQAODmJLkUgi8YgTP32IuWyz+N -mX/g5HNKGWP7COTzsoIFrGZ1l+BqWwqcX9cSR1K3fFOYSDPPgug3qMHdfg63RIsm -G9sJRQ/XdsUC6436UYGe3ElZyqKUjrKSPW2pA95AYVWMiJTJwly+Vd6UqDadLKmA -HyebF2uh5HR7JpkTyw9lT6uN4FHTIF6NfKruap3m+NNCMw64w4bILwOLuylvxT+0 -fiPJRlZ5X+I9lRM7QqO8m/S4AYAHeFAu/GG8GDPR2kO6ZuW2iuIQg04tfv8JmHgG -4074OkCo7etJ6qq59EC1Y7k6TpuNDuiTNtTpn5DnOWVCaduZnGxZo0FhKhZg7b0K -D4uJkXF8aSTi4Y9rp4ynEP+d1NJD7B5dLnI5R3P3EGuGKhigymI0QlT+iDy/UGLT -rG1Hx9Tsq1CsrpUe6/Go6Daqt4VxW/WYtOULDZBoVaIhhKk5H4gV1Yj66MUAsPhZ -Fe+hMnehYdCcKlSYrlCaF6MTosAafhzyTgxDKehgc0K1RPxHXOME98NF76erU1Vx -62P7sdq3JrYFNg+9TUkyjaYnhc5XrHtShzCJxcMKm0NMNm7nWfyYYVwvBYpflSUI -AE1VGcgAAlnH/yLnJPJL1BY6hfjsA2wPO+vituxOGDKCvSuUdWCV1baAW9ySmG4K -Pgle9/Qvg/BNvtVL3dvv -=PzFd ------END PGP SIGNATURE----- |