diff options
Diffstat (limited to 'website/static/security/advisories/FreeBSD-EN-22:11.zfs.asc')
-rw-r--r-- | website/static/security/advisories/FreeBSD-EN-22:11.zfs.asc | 141 |
1 files changed, 141 insertions, 0 deletions
diff --git a/website/static/security/advisories/FreeBSD-EN-22:11.zfs.asc b/website/static/security/advisories/FreeBSD-EN-22:11.zfs.asc new file mode 100644 index 0000000000..58c53b1df5 --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-22:11.zfs.asc @@ -0,0 +1,141 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-22:11.zfs Errata Notice + The FreeBSD Project + +Topic: ZFS lseek(2) inconsistencies + +Category: contrib +Module: zfs +Announced: 2022-03-15 +Affects: FreeBSD 13.0 +Corrected: 2021-12-19 15:25:26 UTC (stable/13, 13.0-STABLE) + 2022-03-15 18:09:52 UTC (releng/13.0, 13.0-RELEASE-p8) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +0. Revision History + +v1.0 2022-03-15 -- Initial release +v1.1 2022-03-15 -- Updated Correction Details to point to fixed patch that + was missing a prerequisite in the source tree. The standalone patch + linked in this SA is correct, only the git repo needed updating. +v1.2 2022-03-16 -- Corrected dates in revision history + +I. Background + +ZFS is one of several filesystems available on FreeBSD. ZFS supports +many advanced features, including checksumming, transparent compression, +and snapshots. + +File "holes" are used by filesystems to limit the amount of storage +space occupied by a file containing long runs of zero bytes. Rather +than filling disk blocks with zeroes, file metadata can indicate the +extent of such a run and the filesystem hides the distinction from user +applications. + +II. Problem Description + +When a file containing holes is mapped using mmap(2), mapped regions +of the file may be ignored by lseek(2) when SEEK_HOLE or SEEK_DATA are +passed as the "whence" parameter. + +III. Impact + +The bug may cause application misbehavior; the precise effects depend +on the nature of the application triggering the bug. + +IV. Workaround + +No workaround is available, but systems not using ZFS are not affected. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an errata update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-22:11/zfs.patch +# fetch https://security.FreeBSD.org/patches/EN-22:11/zfs.patch.asc +# gpg --verify zfs.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 3aa1cabca37d stable/13-n248633 +releng/13.0/ 210991b1f28b releng/13.0-n244787 +- ------------------------------------------------------------------------- + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +VII. References + +<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256205> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:11.zfs.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmIydNQACgkQ05eS9J6n +5cKN/hAAg/J5CyNcxOQ/+N6xme1mJMmNTFyBLLuZ2RG6UuZsTvRZej/S0vBBw8+D +k/kvXAwiC2Q+cUoeylOyOrADhIsnaVrSB8ARcLnCmxjwVH2mlrq6DGeiflyOvrvh +TTmzVzXAu3dOYa8nCNYgv0jB6OYB4Z6bvLzXU4BHNuRbbVS2SaDTvz3cXOtpSCRj +C8cVrQWalAqPZWSST2+MdNvvkxqPdXe0rRnNfA8rqDz2bczRvUrizo6IR5gnXRjz +qQR/uBUBHO38azVCp2sYC0fJzYeDsLMfu20Ua9Qg7ssyoA9TokBY+39jKa8hb7p1 +2PzrxOKCyUlEwQTr4+zSiULXfOXpNb5Ev0DqSy4U+8ZkpwPY0zdSgBiWE+23OtV5 +k5JtkyXgzYIvJaFdW6KmT8qzjOUez4WiV7YSmgzWvyt9Yj053w1sC5AWbOEOKK4n +A4gCtfi4nALoVh0PxNV2CNGfnT8VpaZ+XOcQTq1s3bazJ6EIKiDga4wKEswgrMWs +0/KHbAGBpSundE1PgGsuiDusHMLi82XVYzXQxc0qrDRwhahDJ8GGOBgUFdFAvCcB +2umYwdQ7N+uGSOkmokAKPOfLWy5h0kRL1fixLqvxyOBwzlJ81onPNTzwsqvG/4EX +9S+GW/k0xgbnJt0oTqh1cwZu5wXnajg7Uqq0evqYBQVkuyomDq4= +=br+T +-----END PGP SIGNATURE----- |