diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-SA-09:14.devfs.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-SA-09:14.devfs.asc | 141 |
1 files changed, 0 insertions, 141 deletions
diff --git a/share/security/advisories/FreeBSD-SA-09:14.devfs.asc b/share/security/advisories/FreeBSD-SA-09:14.devfs.asc deleted file mode 100644 index 79d0a7f02e..0000000000 --- a/share/security/advisories/FreeBSD-SA-09:14.devfs.asc +++ /dev/null @@ -1,141 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -============================================================================= -FreeBSD-SA-09:14.devfs Security Advisory - The FreeBSD Project - -Topic: Devfs / VFS NULL pointer race condition - -Category: core -Module: kern -Announced: 2009-10-02 -Credits: Przemyslaw Frasunek -Affects: FreeBSD 6.x and 7.x -Corrected: 2009-05-18 10:41:59 UTC (RELENG_7, 7.2-STABLE) - 2009-10-02 18:09:56 UTC (RELENG_7_2, 7.2-RELEASE-p4) - 2009-10-02 18:09:56 UTC (RELENG_7_1, 7.1-RELEASE-p8) - 2009-10-02 18:09:56 UTC (RELENG_6, 6.4-STABLE) - 2009-10-02 18:09:56 UTC (RELENG_6_4, 6.4-RELEASE-p7) - 2009-10-02 18:09:56 UTC (RELENG_6_3, 6.3-RELEASE-p13) - -For general information regarding FreeBSD Security Advisories, -including descriptions of the fields above, security branches, and the -following sections, please visit <URL:http://security.FreeBSD.org/>. - -I. Background - -The device file system (devfs) provides access to system devices, such as -storage devices and serial ports, via the file system namespace. - -VFS is the Virtual File System, which abstracts file system operations in -the kernel from the actual underlying file system. - -II. Problem Description - -Due to the interaction between devfs and VFS, a race condition exists -where the kernel might dereference a NULL pointer. - -III. Impact - -Successful exploitation of the race condition can lead to local kernel -privilege escalation, kernel data corruption and/or crash. - -To exploit this vulnerability, an attacker must be able to run code with user -privileges on the target system. - -IV. Workaround - -An errata note, FreeBSD-EN-09:05.null has been released simultaneously to -this advisory, and contains a kernel patch implementing a workaround for a -more broad class of vulnerabilities. However, prior to those changes, no -workaround is available. - -V. Solution - -Perform one of the following: - -1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the -RELENG_7_2, RELENG_7_1, RELENG_6_4, or RELENG_6_3 security branch -dated after the correction date. - -2) To patch your present system: - -The following patches have been verified to apply to FreeBSD 6.3, 6.4, -7.1, and 7.2 systems. - -a) Download the relevant patch from the location below, and verify the -detached PGP signature using your PGP utility. - -[FreeBSD 6.x] -# fetch http://security.FreeBSD.org/patches/SA-09:14/devfs6.patch -# fetch http://security.FreeBSD.org/patches/SA-09:14/devfs6.patch.asc - -[FreeBSD 7.x] -# fetch http://security.FreeBSD.org/patches/SA-09:14/devfs7.patch -# fetch http://security.FreeBSD.org/patches/SA-09:14/devfs7.patch.asc - -b) Apply the patch. - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile your kernel as described in -<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the -system. - -VI. Correction details - -The following list contains the revision numbers of each file that was -corrected in FreeBSD. - -CVS: - -Branch Revision - Path -- ------------------------------------------------------------------------- -RELENG_6 - src/sys/fs/devfs/devfs_vnops.c 1.114.2.17 -RELENG_6_4 - src/UPDATING 1.416.2.40.2.11 - src/sys/conf/newvers.sh 1.69.2.18.2.13 - src/sys/fs/devfs/devfs_vnops.c 1.114.2.16.2.2 -RELENG_6_3 - src/UPDATING 1.416.2.37.2.18 - src/sys/conf/newvers.sh 1.69.2.15.2.17 - src/sys/fs/devfs/devfs_vnops.c 1.114.2.15.2.1 -RELENG_7 - src/sys/fs/devfs/devfs_vnops.c 1.149.2.9 -RELENG_7_2 - src/UPDATING 1.507.2.23.2.7 - src/sys/conf/newvers.sh 1.72.2.11.2.8 - src/sys/fs/devfs/devfs_vnops.c 1.149.2.8.2.2 -RELENG_7_1 - src/UPDATING 1.507.2.13.2.11 - src/sys/conf/newvers.sh 1.72.2.9.2.12 - src/sys/fs/devfs/devfs_vnops.c 1.149.2.4.2.2 -- ------------------------------------------------------------------------- - -Subversion: - -Branch/path Revision -- ------------------------------------------------------------------------- -stable/6/ r197715 -releng/6.4/ r197715 -releng/6.3/ r197715 -stable/7/ r192301 -releng/7.2/ r197715 -releng/7.1/ r197715 -- ------------------------------------------------------------------------- - -VII. References - -The latest revision of this advisory is available at -http://security.FreeBSD.org/advisories/FreeBSD-SA-09:14.devfs.asc ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.10 (FreeBSD) - -iD8DBQFKxltlFdaIBMps37IRAp4zAJwJEwIySGqxH4EXwc0wjkDXlcTb1wCfTltO -Syds53GSM0YbsMNUVMGsLaU= -=exPZ ------END PGP SIGNATURE----- |