Remote DoS vulnerability in the FreeBSD IPv6 stack

A vulnerability (CVE-2019-5611) has been fixed in FreeBSD that allows a kernel crash (packet-of-death) to be triggered by sending specially fragmented ICMPv6 MLD (Multicast Listener Discovery) packets. The problem is caused by a missing check in the m_pulldown() call, which can result in non-contiguous mbufs being returned, contrary to what the caller expects.

The vulnerability is fixed in updates 12.0-RELEASE-p10, 11.3-RELEASE-p3 and 11.2-RELEASE-p14. As a workaround, you can disable fragmentation support for IPv6 or filter options in the HBH (Hop-by-Hop) header on the firewall. Interestingly, the bug behind the vulnerability was identified back in 2006 and fixed in OpenBSD, NetBSD and macOS, but remained unfixed in FreeBSD, even though the FreeBSD developers had been notified of the problem.
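
To check a host against the fixed patch levels listed above, the following added example (not part of the original article or of FreeBSD's own tooling) classifies a version string as printed by `freebsd-version -k` or `uname -r`. The function name and the sample strings are constructed for illustration, and branches the article does not list are reported as unknown.

```shell
#!/bin/sh
# Added example: compare a FreeBSD version string with the fixed patch levels
# the article gives for CVE-2019-5611:
#   12.0-RELEASE-p10, 11.3-RELEASE-p3, 11.2-RELEASE-p14
# cve_2019_5611_status is a hypothetical helper name, not a FreeBSD command.

# Prints "patched", "vulnerable" or "unknown" for strings like 12.0-RELEASE-p9.
cve_2019_5611_status() {
    ver=$1
    branch=${ver%%-*}                  # e.g. 12.0
    rest=${ver#*-}                     # e.g. RELEASE-p9
    case $rest in
        RELEASE)    plevel=0 ;;        # no -pN suffix means patch level 0
        RELEASE-p*) plevel=${rest#RELEASE-p} ;;
        *)          echo unknown; return 0 ;;  # STABLE, CURRENT, no suffix
    esac
    case $plevel in
        ''|*[!0-9]*) echo unknown; return 0 ;; # patch level is not a number
    esac
    case $branch in
        12.0) fixed=10 ;;
        11.3) fixed=3 ;;
        11.2) fixed=14 ;;
        *)    echo unknown; return 0 ;;        # branch not listed in the article
    esac
    if [ "$plevel" -ge "$fixed" ]; then echo patched; else echo vulnerable; fi
}

# Constructed sample version strings (not taken from a real host).
for v in 12.0-RELEASE-p9 12.0-RELEASE-p10 11.3-RELEASE 11.2-RELEASE-p14 12.0-STABLE; do
    printf '%s: %s\n' "$v" "$(cve_2019_5611_status "$v")"
done

# On a FreeBSD host, check the running kernel as well as the installed one:
# an installed update only takes effect after a reboot.
if command -v freebsd-version >/dev/null 2>&1; then
    printf 'installed kernel: %s\n' "$(cve_2019_5611_status "$(freebsd-version -k)")"
    printf 'running kernel:   %s\n' "$(cve_2019_5611_status "$(uname -r)")"
fi
```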

Two more vulnerabilities fixed in FreeBSD are also worth noting:

  • CVE-2019-5603 - an overflow of the reference counter for data structures in mqueuefs when 32-bit libraries are used in a 64-bit environment (32-bit compat). The problem appears when mqueuefs is enabled, which is not the default, and can lead to access to files, directories and sockets opened by processes belonging to other users, or to access to external files from within a jail environment. If the user has root access in the jail, the vulnerability allows root access to be gained on the host environment side.
  • CVE-2019-5612 - a problem with multi-threaded access to the /dev/midistat device: when a race condition occurs, it can lead to reading kernel memory areas outside the bounds of the buffer allocated for midistat. On 32-bit systems, an attempt to exploit the vulnerability leads to a kernel crash, and on 64-bit systems it allows the contents of arbitrary kernel memory areas to be discovered.

Source: opennet.ru
