Date: Tue, 04 Oct 2011 23:09:34 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Mark Duller <mark.duller@oucs.ox.ac.uk> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-11:05.unix [REVISED] Message-ID: <4E8B841E.8000406@infracaninophile.co.uk> In-Reply-To: <4E8B6EBF.4060308@oucs.ox.ac.uk> References: <201110041915.p94JFgpT092868@freefall.freebsd.org> <4E8B6EBF.4060308@oucs.ox.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigF858F74B77284BCA0D98A3AE Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 04/10/2011 21:38, Mark Duller wrote: > On 10/04/11 20:15, FreeBSD Security Advisories wrote: >> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D >> > >> >=20 > FreeBSD-SA-11:05.unix Security > Advisory >> > The FreeBSD Project >> >=20 >> > Topic: Buffer overflow in handling of UNIX socket >> > addresses >> >=20 >> > Category: core Module: kern Announced: >> > 2011-09-28 Credits: Mateusz Guzik Affects: All >> > supported versions of FreeBSD. > <snip> >> > IV. Workaround >> >=20 >> > No workaround is available, but systems without untrusted local >> > users are not vulnerable. > Does this affect a default FreeBSD install? I believe linux emulation > support is disabled by default? Ish. Sort of. The default system contains the linux.ko loadable module which is not loaded by default, but would be caused to automatically load into the kernel by installing one of the linux_base ports. Nothing needs to be re-compiled in order to enable linux compat, and it doesn't even require a reboot, but it does require root privileges to kldload the module. The underlying unix domain socket vulnerability affected all released and development versions of FreeBSD up to the point where the advisory was first issued. If you'ld applied the patches from the original advisory then you should already be secure. If your system definitely doesn't run any linux binaries and never will do, then the additional bits in the revised patch won't do anything for you. However, without the additional changes any linux applications that try to use unix domain sockets will crash. This doesn't result in any additional security exposure, but it certainly won't endear your users to you. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enigF858F74B77284BCA0D98A3AE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6LhCUACgkQ8Mjk52CukIx/3ACglRST1+YFsWlzuSKWkZm+IC/X 8nwAn1Be5XpGEmOmhklAF/wpy99BhBJ1 =Pqp7 -----END PGP SIGNATURE----- --------------enigF858F74B77284BCA0D98A3AE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E8B841E.8000406>