Date: Mon, 13 Apr 2009 21:47:03 +0100 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: OpenBSD/FreeBSD pf issue ? Message-ID: <200904132247.04332.max@love2party.net> In-Reply-To: <200904131857.n3DIvV7C025975@lava.sentex.ca> References: <200904131857.n3DIvV7C025975@lava.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 13 April 2009 20:58:14 Mike Tancsa wrote: > ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/013_pf.patch > > http://helith.net/txt/openbsd_4.3-current_pf_null_pointer_dereference_kerne >l_panic.txt > > > Not sure if this impacts FreeBSD or not ? It looks like FreeBSD is not vulnerable to this - it seems the problem was introduced with OpenBSD pf.c rev. 1.539 (which first appeared in OpenBSD 4.2). Our last full import was OpenBSD 4.1 which doesn't include the vulnerability. Please note that this a preliminary assessment - I will follow-up with a proper version as soon as more people have looked at the situation. Feel free to pitch in if you see remaining problems in the FreeBSD version of pf.c - maybe off-list. In addition it might make sense to drop this kind of packets as part of the "scrub" process, but that is not an immediate concern at this point. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904132247.04332.max>