Pa FreeBSD Zofooka zisanu ndi chimodzi zomwe zimakulolani kuchita chiwembu cha DoS, kutuluka m'ndende kapena kupeza chidziwitso cha kernel. Nkhani zimakonzedwa pazosintha 12.1-RELEASE-p3 ndi 11.3-RELEASE-p7.
- - chifukwa cha cholakwika pakukhazikitsa ma epair virtual networks, wogwiritsa ntchito PRIV_NET_IFCREATE kapena ufulu wa mizu kuchokera kundende yakutali angayambitse kernel kusweka kapena kutulutsa code yawo ndi ufulu wa kernel.
- - kusakhalapo kwa cheke chazingwe chomwe sichinasinthidwe mukamakonza njira ya "osrelease" kudzera pa foni ya jail_set system, kumakupatsani mwayi wopeza zomwe zili pafupi ndi kernel memory memory pomwe woyang'anira ndende adayitanitsa jail_get, ngati chithandizo choyambitsa ndende zomwe zili m'ndende. imathandizidwa kudzera pa parameter ya children.max ( Mwachikhazikitso, kupanga malo a ndende zoletsedwa ndikoletsedwa).
- - cheke cholakwika cha mwayi mukapeza dalaivala kudzera mu ioctl imalola wogwiritsa ntchito wopanda mwayi kukhazikitsa zosintha za firmware pazida za NVM.
- - cheke cholakwika cha mwayi mukapeza dalaivala kudzera mu ioctl imalola wogwiritsa ntchito wopanda mwayi kutumiza malamulo ku firmware ya Emulex OneConnect network adapter.
- - potumiza magawo opangidwa mwapadera a TCP SYN-ACK pa IPv6, kukumbukira kwa kernel imodzi kumatha kutayidwa pamaneti (gawo la Traffic Class silinayambike ndipo lili ndi zotsalira).
- mu ntpd nthawi yolumikizira daemon itha kugwiritsidwa ntchito kukana ntchito (kupangitsa kuti njira ya ntpd iwonongeke).
Source: opennet.ru