diff options
Diffstat (limited to 'website/static/security/advisories/FreeBSD-EN-24:03.kqueue.asc')
| -rw-r--r-- | website/static/security/advisories/FreeBSD-EN-24:03.kqueue.asc | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/website/static/security/advisories/FreeBSD-EN-24:03.kqueue.asc b/website/static/security/advisories/FreeBSD-EN-24:03.kqueue.asc new file mode 100644 index 0000000000..6ddfa84ef7 --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-24:03.kqueue.asc @@ -0,0 +1,131 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-24:03.kqueue Errata Notice + The FreeBSD Project + +Topic: kqueue_close(2) page fault on exit using rfork(2) + +Category: core +Module: kqueue +Announced: 2024-02-14 +Affects: All supported versions of FreeBSD. +Corrected: 2023-12-05 00:43:27 UTC (stable/14, 14.0-STABLE) + 2024-02-14 06:05:42 UTC (releng/14.0, 14.0-RELEASE-p5) + 2023-12-05 00:44:13 UTC (stable/13, 13.2-STABLE) + 2024-02-14 06:05:58 UTC (releng/13.2, 13.2-RELEASE-p10) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +The kqueue(2) system call provides a generic method of notifying the user +when an event happens or a condition holds. + +II. Problem Description + +Normally, when a process exits, all its kqueue fds will be destroyed at the +moment p_klist is detached. However, if the process was created with rfork(2) +with shared file descriptors, its signal knotes can survive. This can +eventually result in a page fault when the process exits. + +III. Impact + +Using kqueue(2) with a process using rfork(2) can panic the system. + +IV. Workaround + +No workaround is available. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date, and reboot the system. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms, +or the i386 platform on FreeBSD 13, can be updated via the freebsd-update(8) +utility: + +# freebsd-update fetch +# freebsd-update install + +Reboot the system. + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-24:03/kqueue.patch +# fetch https://security.FreeBSD.org/patches/EN-24:03/kqueue.patch.asc +# gpg --verify kqueue.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +This issue is corrected as of the corresponding Git commit hash in the +following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/14/ 24346a2f7775 stable/14-n265907 +releng/14.0/ bb06104dce0b releng/14.0-n265404 +stable/13/ 55e91944998c stable/13-n256837 +releng/13.2/ 154dedade465 releng/13.2-n254656 +- ------------------------------------------------------------------------- + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +VII. References + +<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275286> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-24:03.kqueue.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmXMYQwACgkQbljekB8A +Gu+GSxAA5voCfr4a2LrMmBjQvgD7XwpCNH9yvYN3chKG07TTqNWkHbCxNvc4Brzm +IXKGxvolrY3PZhXgN2KZhe/wAOf0I1ZazeW9wdk13O9G2SF5aaUYBkCvoMmPME42 +f7lVXnkxhTQAovVFQRZAK6sYCVspIPQEpavoa7rq5dDDtO9g2AqB53aAbgdBpQ0j +ClIcMzM2HdiYQBi4WuL36XVbeX6N++N5ouE8Hdz+pDcQSHuOm3VHUKlpRsEXLmYI +3uDJ8py+PGbtcLnSVALEcnreirJcCJ5em7Gaec2KXHDRis/dLW+DPlPyZp1mpIBZ +l073AME8hEOxnJOUALvxTVHQS3L35JjFmxnSGwnLzXH16v/fGUKlnAZkOftNcRan +JW1fLXB2EH+H+hdnOWiQeTCk8duIIvXuWEYf8dfP6SBMm9FfzBAoTv/K1mHxGFKZ +s3iR4WyC7Y6r56meVdNfs/F4XtVh3edhVfOdjf/5I8+Ut9HGRNuHOCepLG9DASOd +eQbhHAnHnUB21qq4Tme0eKoA130gVcBMr2NsE0lifNArLzEvvGB0Bw+9ZP9IfFeS +/fPs4Yq1XIjpgk+TDdOPGexLWCIBl0ursjZMSuGyhXkDaD1oYzF3SKWrJRkahpUq ++tN6jVPkG7Iy36myKSHofuPh641hSmk88IJPJHVrdNjo88hUti0= +=xsIs +-----END PGP SIGNATURE----- |