FreeBSD Security Advisory FreeBSD-SA-11:05.unix [REVISED]

Matthew Seaman m.seaman at infracaninophile.co.uk
Tue Oct 4 22:09:46 UTC 2011 

On 04/10/2011 21:38, Mark Duller wrote:
> On 10/04/11 20:15, FreeBSD Security Advisories wrote:
>> > =============================================================================
>> >
>> > 
> FreeBSD-SA-11:05.unix                                       Security
> Advisory
>> > The FreeBSD Project
>> > 
>> > Topic:          Buffer overflow in handling of UNIX socket
>> > addresses
>> > 
>> > Category:       core Module:         kern Announced:
>> > 2011-09-28 Credits:        Mateusz Guzik Affects:        All
>> > supported versions of FreeBSD.
> <snip>
>> > IV.  Workaround
>> > 
>> > No workaround is available, but systems without untrusted local
>> > users are not vulnerable.

> Does this affect a default FreeBSD install? I believe linux emulation
> support is disabled by default?

Ish.  Sort of.  The default system contains the linux.ko loadable module
which is not loaded by default, but would be caused to automatically
load into the kernel by installing one of the linux_base ports.  Nothing
needs to be re-compiled in order to enable linux compat, and it doesn't
even require a reboot, but it does require root privileges to kldload
the module.

The underlying unix domain socket vulnerability affected all released
and development versions of FreeBSD up to the point where the advisory
was first issued.  If you'ld applied the patches from the original
advisory then you should already be secure.  If your system definitely
doesn't run any linux binaries and never will do, then the additional
bits in the revised patch won't do anything for you.  However, without
the additional changes any linux applications that try to use unix
domain sockets will crash.  This doesn't result in any additional
security exposure, but it certainly won't endear your users to you.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew at infracaninophile.co.uk               Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20111004/0a8e2524/signature.pgp

More information about the freebsd-security mailing list