Potential user/kernel pointer bugs in FreeBSD 5.3
Colin Percival
colin.percival at wadham.ox.ac.uk
Fri Jan 7 15:24:39 PST 2005
Sean Whalen wrote:
> We recently did work with the Cqual type inference tool to identify
> potential user/kernel pointer bugs in FreeBSD 5.3. Our paper is
> available here: http://www.node99.org/projects/bsduk/
>
> We identified 5 potential bugs which we are looking to confirm with the
> community. Page 10 contains an example of one such candidate. More
> true positives may be identified by using a machine with 10 or more gigs
> of RAM for inter-file analysis of the entire kernel. If interested,
> please email me.
Sean,
Coverity got to that particular bug first -- it was fixed as part of the
FreeBSD-SA-04:17.procfs security advisory.
Could you send the rest of these to secteam at freebsd.org? We'd like to
look at them and fix any security issues before they are publicly disclosed.
Thanks,
Colin Percival
More information about the freebsd-hackers
mailing list