Archive | FreeBSD Security Advisories RSS feed for this section
FreeBSD Security Advisory (mbuf)
The FreeBSD Security Team have identified a little bug in FreeBSD where a lost mbuf flag can result in data loss. “I. Background An mbuf is a basic unit of memory management in the FreeBSD kernel inter-process communication and networking subsystem. Network packets and socket buffers are dependent on mbufs for their storage. Data can [...]
Continue reading...FreeBSD 7.2 EoL coming soon
8. June 2010
On June 30th, FreeBSD 7.2 will reach its End of Life and will no longer be supported by the FreeBSD Security Team. Users of this release are strongly encouraged to upgrade to FreeBSD 7.3 before that date; FreeBSD 7.3 will be supported until the end of March 2012. Please note that since FreeBSD 7.1 has [...]
Continue reading...FreeBSD security advisories (jail, nfsclient, opie)
29. May 2010
The FreeBSD Security Team has issued the following security advisories: FreeBSD-SA-10:04.jail FreeBSD-SA-10:06.nfsclient FreeBSD-SA-10:05.opie Read the messages how your system will be affected and how you can update it.
Continue reading...FreeBSD Errata: Deadlock in ULE scheduler
5. March 2010
A problem has been identified with the FreeBSD 7 series ULE Scheduler : FreeBSD has two schedulers: the classic 4BSD scheduler and a newer, more SMP-aware scheduler called ULE. The 4BSD scheduler was the default scheduler until FreeBSD 7.0. Starting with FreeBSD 7.1 the default scheduler is ULE. The scheduler is responsible for allocating CPU [...]
Continue reading...FreeBSD 7.x & 8.x Root Exploit Patched!
4. December 2009
A security bug in the latest version of FreeBSD can be exploited to grant unprivileged users complete control over the operating system, a German researcher discovered. The flaw is present in FreeBSD 8.0 and is known to affect versions 7.1 and 7.2. “A short time ago a “local root” exploit was posted to the full-disclosure mailing list; as [...]
Continue reading...FreeBSD FIFO resource leak
10. November 2009
Researches Chitti Nimmagadda and Dorr H. Clark of Santa Clara University seem to have discovered and reported a bug in usr/src/sys/fs/fifofs/fifo_vnops.c of FreeBSD 8.0-STABLE release as reported on the FreeBSD bugs mailinglist. We believe we have identified a significant resource leak present in 6.x, 7.x, and 8.x. We believe this is a regression versus FreeBSD [...]
Continue reading...FreeBSD Security Advisories (devfs, pipe, null)
5. October 2009
The FreeBSD Security Team has issued the following security warnings: FreeBSD-SA-09:14.devfs – Devfs / VFS NULL pointer race condition FreeBSD-SA-09:13.pipe – kqueue pipe race conditions FreeBSD-EN-09:05.null – No zero mapping feature For background info, problem description, impact, workaround and solutions, have a look at the individual advisory pages.
Continue reading...FreeBSD Security Advisory (bind)
30. July 2009
The FreeBSD Security Team has issued the following security warning: FreeBSD-SA-09:12.bind – BIND named(8) dynamic update message remote DoS For background info, problem description, impact, workaround and solution, have a look at the advisory page: bind
Continue reading...FreeBSD Security Advisories (ntp, ipv6, pipe)
15. June 2009
The FreeBSD Security Team has issued the following security warnings: FreeBSD-SA-09:11.ntpd - ntpd stack-based buffer-overflow vulnerability FreeBSD-SA-09:10.ipv6 – Missing permission check on SIOCSIFINFO_IN6 ioctl FreeBSD-SA-09:09.pipe – Local information disclosure via direct pipe writes For background info, problem description, impact, workaround and solutions, have a look at the individual advisory pages.
Continue reading...FreeBSD Security Advisories (openssl, libc)
23. April 2009
The FreeBSD Security Team has issued the following security warnings: FreeBSD-SA-09:08.openssl - Remotely exploitable crash in OpenSSL FreeBSD-SA-09:07.libc - Information leak in db(3) For background info, problem description, impact, workaround and solution, have a look at the individual advisory pages: openssl | libc
Continue reading...FreeBSD VPS Hosting
Don’t miss any posts
Keep up with our latest news by signing up to receive updates via RSS, comments feed or get my posts delivered by email.
16. July 2010
0 Comments