FreeBSD yakagadzirisa kusagadzikana kwakati wandei kunogona kubvumira mushandisi wenzvimbo kuti akwidzire maropafadzo avo, kuita kodhi mukati meiyo kernel, kana kutiza sandbox:
- CVE-2024-43102 - Mamiriro emujaho mukuitwa kwe _umtx_op system kufona inogona kushandiswa kuronga kupinda kune yakatosunungurwa ndangariro nzvimbo (Shandisa-After-Mahara) kuburikidza nekutumira panguva imwe chete akati wandei UMTX_SHM_DESTROY subrequests. Kusagadzikana kunogona kupfuura nzira yeCapsicum yekuzviparadzanisa nevamwe kana kubvumidza kodhi kuti iitwe padanho rekernel. Kusagadzikana kwakapihwa yakanyanya kuomarara nhanho (10 kubva pagumi). Nyaya inogadziriswa mukuvandudza 10-RELEASE-p14.1, 4-RELEASE-p14.0 uye 10-RELEASE-p13.3.
- CVE-2024-45287, CVE-2024-45288 injodzi muraibhurari ye libnv inoshandiswa mukernel uye munzvimbo yemushandisi kugadzirisa rondedzero mukiyi / kukosha fomati. Dambudziko rekutanga rine chekuita nekuwanda kwehuwandu, izvo zvinotungamira kugovero yebhafa iyo idiki pane iyo data block iri kunyorwa kune buffer. Dambudziko rechipiri rinokonzerwa nekusaisa chimiro chisina maturo muchikamu chekupedzisira chehurongwa, izvo zvinotungamirira kune mukana wekunyora kudarika miganhu yebhafa yakagoverwa. Kusagadzikana kunogona kushandiswa kukwidziridza ropafadzo nekunyora nzvimbo dzekurangarira mumagadzirirwo ehurongwa kana kernel.
- CVE-2024-32668, CVE-2024-41928, CVE-2024-8178, CVE-2024-42416, CVE-2024-43110, CVE-2024-45063 vari kusagadzikana mune iyo bhyve hurongwa hwekuita hyperxevisor. kudivi reiyo host system (kazhinji ine midzi kodzero), kana uchinyengedza mukati mevaenzi sisitimu nevatyairi veiyo chaiyo USB controller (XHCI), TPM kana ctl (SCSI emulation kuburikidza neCAM Target Layer).
- CVE-2024-6119 injodzi muOpenSSL inoita kuti maapplication atanike kana ichisimbisa mazita echitupa cheX.509 akatsanangurwa mune imwe nzvimbo yeZita.
Source: opennet.ru
