Hauv ipfw pob ntawv lim ob qhov tsis zoo nyob rau hauv TCP kev xaiv parsing code, tshwm sim los ntawm cov ntaub ntawv pov thawj tsis raug hauv cov txheej txheem network. Thawj qhov muaj qhov tsis zoo (CVE-2019-5614) thaum ua TCP pob ntawv hauv ib txoj hauv kev tuaj yeem ua rau nkag mus rau lub cim xeeb sab nraud ntawm mbuf tsis txwv, thiab qhov thib ob (CVE-2019-15874) tuaj yeem ua rau nkag mus rau qhov chaw nco tau tso tseg ( siv-tom qab-dawb).
Kev tsom xam ntawm qhov tsim nyog ntawm cov teeb meem uas tau txheeb xyuas rau kev siv lub peev xwm los ua kom tiav qhov kev ua txhaum cai ntawm tus neeg tawm tsam tsis tau ua tiav, tab sis nws muaj peev xwm hais tias qhov tsis zoo yuav tsis txwv rau qhov ua rau lub kernel tsoo. Cov teeb meem tau raug kho nyob rau hauv FreeBSD 11.3-RELEASE-p8 thiab 12.1-RELEASE-p4 hloov tshiab (kev kho tau ua rau cov ceg ruaj khov rov qab rau lub Kaum Ob Hlis xyoo tas los, tab sis qhov tseeb tias cov kev kho no cuam tshuam txog kev tshem tawm qhov tsis zoo los ua paub tam sim no) .
Tau qhov twg los: opennet.ru