Upcoming FreeBSD Security Advisory

Bryan Drewery bryan at xzibition.com
Tue Dec 1 04:55:45 UTC 2009


Colin,

Thank you so much for alerting us and providing a temporary patch. I had
a user attempt to use the public exploit today, but due to /tmp being
noexec, it failed. Luckily I caught him before he modified the script to
work though. Now I am patched and can sleep tonight :)

Thanks,
Bryan

FreeBSD Security Officer wrote:
> Hi all,
>
> A short time ago a "local root" exploit was posted to the full-disclosure
> mailing list; as the name suggests, this allows a local user to execute
> arbitrary code as root.
>
> Normally it is the policy of the FreeBSD Security Team to not publicly
> discuss security issues until an advisory is ready, but in this case
> since exploit code is already widely available I want to make a patch
> available ASAP.  Due to the short timeline, it is possible that this
> patch will not be the final version which is provided when an advisory
> is sent out; it is even possible (although highly doubtful) that this
> patch does not fully fix the issue or introduces new issues -- in short,
> use at your own risk (even more than usual).
>
> The patch is at
>   http://people.freebsd.org/~cperciva/rtld.patch
> and has SHA256 hash
>   ffcba0c20335dd83e9ac0d0e920faf5b4aedf366ee5a41f548b95027e3b770c1
>
> I expect a full security advisory concerning this issue will go out on
> Wednesday December 2nd.


