UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679

David Malone dwmalone at maths.tcd.ie
Thu Nov 23 13:37:03 PST 2006

On Thu, Nov 23, 2006 at 10:30:35AM +0100, O. Hartmann wrote:
> Is for these UFS bugs in FreeBSD since 6.1 a fix uderway?
> See:
> http://projects.info-pull.com/mokb/
> MOKB-08-11-2006,CVE-2006-5824, MOKB-03-11-2006,CVE-2006-5679

These two bugs both seem to involve mounting deliberately corrupted
UFS file systems. I'm not sure that many people allow this. To be
honest, I'm surprised that they only list two bugs of this sort -
UFS wasn't designed to be robust to working with accidently corrupted
filesystems, let alone ones corrupted maliciously!

The usual response of UFS to a corrupted filesystem is to panic.
I'm guessing it would have been easier to do:

	grep panic /usr/src/sys/ufs/*/*.c

to find a load of these bugs, rather than writing a fuzzing tool ;-)

(That's not to say that it isn't worth improving things, it's just
likely to be a large amount of work to fix this in a way that
actually makes things better.)


More information about the freebsd-stable mailing list