diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-EN-18:12.mem.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-EN-18:12.mem.asc | 139 |
1 files changed, 0 insertions, 139 deletions
diff --git a/share/security/advisories/FreeBSD-EN-18:12.mem.asc b/share/security/advisories/FreeBSD-EN-18:12.mem.asc deleted file mode 100644 index c6d6e72b84..0000000000 --- a/share/security/advisories/FreeBSD-EN-18:12.mem.asc +++ /dev/null @@ -1,139 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -============================================================================= -FreeBSD-EN-18:12.mem Errata Notice - The FreeBSD Project - -Topic: Small kernel memory disclosures in two system calls - -Category: core -Module: kernel -Announced: 2018-09-27 -Credits: Thomas Barabosch, Fraunhofer FKIE -Affects: All supported versions of FreeBSD. -Corrected: 2018-09-27 18:42:40 UTC (stable/11, 11.2-STABLE) - 2018-09-27 18:36:30 UTC (releng/11.2, 11.2-RELEASE-p4) - 2018-09-27 18:36:30 UTC (releng/11.1, 11.1-RELEASE-p15) - 2018-09-27 18:44:40 UTC (stable/10, 10.4-STABLE) - 2018-09-27 18:36:30 UTC (releng/10.4, 10.4-RELEASE-p13) -CVE Name: CVE-2018-17155 - -For general information regarding FreeBSD Errata Notices and Security -Advisories, including descriptions of the fields above, security -branches, and the following sections, please visit -<URL:https://security.FreeBSD.org/>. - -I. Background - -The kernel provides an interface for userland programs via system calls. Two -of these system calls are named getcontext and swapcontext. - -II. Problem Description - -Due to insufficient initialization of memory copied to userland in the -getcontext and swapcontext system calls, small amounts of kernel memory may -be disclosed to userland processes. - -III. Impact - -An unprivileged local user may be able to create a specific program to read -the contents of small portions of kernel memory. - -Such memory might contain sensitive information, such as portions of the file -cache or terminal buffers. This information might be directly useful, or it -might be leveraged to obtain elevated privileges in some way; for example, -a terminal buffer might include a user-entered password. - -IV. Workaround - -No workaround is available. - -V. Solution - -Perform one of the following: - -1) Upgrade your system to a supported FreeBSD stable or release / security -branch (releng) dated after the correction date. - -Afterward, reboot the system. - -2) To update your system via a binary patch: - -Systems running a RELEASE version of FreeBSD on the i386 or amd64 -platforms can be updated via the freebsd-update(8) utility: - -# freebsd-update fetch -# freebsd-update install - -Afterward, reboot the system. - -3) To update your system via a source code patch: - -The following patches have been verified to apply to the applicable -FreeBSD release branches. - -a) Download the relevant patch from the location below, and verify the -detached PGP signature using your PGP utility. - -# fetch https://security.FreeBSD.org/patches/EN-18:12/mem.patch -# fetch https://security.FreeBSD.org/patches/EN-18:12/mem.patch.asc -# gpg --verify mem.patch.asc - -b) Apply the patch. Execute the following commands as root: - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile your kernel as described in -<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the -system. - -VI. Correction details - -The following list contains the correction revision numbers for each -affected branch. - -Branch/path Revision -- ------------------------------------------------------------------------- -stable/10/ r339984 -releng/10.4/ r338981 -stable/11/ r339983 -releng/11.1/ r338981 -releng/11.2/ r338981 -- ------------------------------------------------------------------------- - -To see which files were modified by a particular revision, run the -following command, replacing NNNNNN with the revision number, on a -machine with Subversion installed: - -# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base - -Or visit the following URL, replacing NNNNNN with the revision number: - -<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> - -VII. References - -<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17155> - -The latest revision of this advisory is available at -<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-18:12.mem.asc> ------BEGIN PGP SIGNATURE----- - -iQKSBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlutKU5fFIAAAAAALgAo -aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD -MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n -5cJfGA/3XLR2dunxnQZYQvdpA8k9HA1zHfKFUMbTJqESIZPofvLnFJiw7gwDl0mF -pMC5LCi+k+LIIsXPLzRk/7BUmoCt/hCbD7BOVuiYXhIZy0VgKhaOggSvOXYOsjNl -JTJa5zGsKm4BUNhAkxcJtCO9i+gOShZ2fxiJ9SU7bO/gVl5HoMh56KWTLUBXX2jD -vZfEvxJvllbvk6ST68jb7C0Ix47+idRO2hdfxVLyZfD1PsILIy6JThqKqsbGgqbA -+ma7OnCigxwI0bds4nusi7vNu3IiFuzjBLfV9exW8kcRgyotOsmCfCjSOlOcEJvR -gKcmqZccf1SMGFR336YwGB66xL56QwpgN+UZ/QhmBX15mqI/oAekd0W3fb3OmfvW -bMiDo0MHmtZqiSnQyUOcCPRW5s0l8EHeWCVbjKX1ViqY6e4NdQajrjRUyXnOqcM5 -vtTWAJ+BCc3Acg1V4nkjF7HNCUyGObKZcbDqK7M7p5+i/CFxJkCdKu0x8dsZRHL8 -7V4SL1sb9OkPWjBxyzHuiQNGJfTgknDsIxvBYcdPVukTtGzrWH1skhdWL2O0CNvQ -Quk2YQePQ/X4ICPIB3s+Yao5N8t0FoEM4Hus6nSCpNRyP5XpCaBISHbhG8Ay7yJr -1p0YkV22eQ5KXiNY6Qmof7S0S1p8IZlomO8J8I/yGuwqh2mkkQ== -=uZtl ------END PGP SIGNATURE----- |