Remotely exploitable vulnerability in the ping utility shipped with FreeBSD

In FreeBSD, a vulnerability (CVE-2022-23093) has been identified in the ping utility included in the base distribution. The issue could potentially lead to remote code execution with root privileges when pinging an external host controlled by an attacker. A fix was provided in the FreeBSD updates 13.1-RELEASE-p5, 12.4-RC2-p2 and 12.3-RELEASE-p10. It is not yet known whether other BSD systems are affected by the identified vulnerability (there are no vulnerability reports for NetBSD, DragonFlyBSD and OpenBSD so far).

The vulnerability is caused by a buffer overflow in the code that parses ICMP messages received in response to a probe request. The code that sends and receives ICMP messages in ping uses raw sockets and runs with elevated privileges (the utility ships with the setuid root flag). The response is processed on the ping side by reconstructing the IP and ICMP headers of the packets received from the raw socket. The extracted IP and ICMP headers are copied into buffers by pr_pack(), without taking into account that additional extended headers may be present in the packet after the IP header.

Such headers are extracted from the packet and included in the header block, but they are not taken into account when the buffer size is calculated. If the host, in response to a sent ICMP request, returns a packet with additional headers, their contents will be written to an area beyond the buffer boundary on the stack. As a result, an attacker can overwrite up to 40 bytes of data on the stack, which could potentially allow their code to execute. The severity of the issue is reduced by the fact that at the moment the error occurs the process is in a state of system call isolation (capability mode), which makes it difficult to gain access to the rest of the system after exploiting the vulnerability.
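
The length check described above as missing, shown as an added example (not FreeBSD's code or its patch): a hypothetical `copy_ip_header` helper derives the header length from the IHL field and refuses any copy that would not fit the destination. It assumes the extra headers are IPv4 options, which the 4-bit IHL field limits to 40 bytes beyond the 20-byte fixed header; `make_sample` builds constructed input.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IP_BASE_HLEN 20u  /* IPv4 header without options */
#define IP_MAX_HLEN  60u  /* IHL is 4 bits: 15 * 4 bytes */

/* Hypothetical helper (not FreeBSD's code): copy the IPv4 header that
 * starts at pkt into dst. Returns the header length actually present,
 * or -1 if the packet is malformed or dst is too small for it. */
int copy_ip_header(const uint8_t *pkt, size_t pkt_len,
                   uint8_t *dst, size_t dst_len)
{
    if (pkt_len < IP_BASE_HLEN)
        return -1;                          /* truncated fixed header */
    if ((pkt[0] >> 4) != 4)
        return -1;                          /* not IPv4 */
    size_t hlen = (size_t)(pkt[0] & 0x0f) * 4;  /* IHL in bytes */
    if (hlen < IP_BASE_HLEN || hlen > pkt_len)
        return -1;                          /* IHL disagrees with packet */
    if (hlen > dst_len)
        return -1;                          /* options would overrun dst */
    memcpy(dst, pkt, hlen);
    return (int)hlen;
}

/* Constructed sample: an IPv4 header followed by opt_len NOP option bytes. */
size_t make_sample(uint8_t *buf, size_t opt_len)
{
    size_t hlen = IP_BASE_HLEN + opt_len;
    memset(buf, 0, hlen);
    buf[0] = (uint8_t)(0x40 | (hlen / 4));      /* version 4, IHL */
    memset(buf + IP_BASE_HLEN, 0x01, opt_len);  /* NOP options */
    return hlen;
}

int main(void)
{
    uint8_t pkt[IP_MAX_HLEN], small[IP_BASE_HLEN], full[IP_MAX_HLEN];
    size_t n = make_sample(pkt, 40);
    /* A destination sized for the fixed header rejects the 60-byte header, */
    int a = copy_ip_header(pkt, n, small, sizeof small);
    /* while a destination sized for the maximum header accepts it. */
    int b = copy_ip_header(pkt, n, full, sizeof full);
    return (a == -1 && b == 60) ? 0 : 1;
}
```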

Source: opennet.ru
