Pamusoro peFreeBSD kusakwana kutanhatu kunobvumidza iwe kuita kurwisa kweDoS, kusiya nharaunda yejeri, kana kuwana ruzivo rwekernel. Matambudziko akagadziriswa mukuvandudza 12.1-RELEASE-p3 uye 11.3-RELEASE-p7.
- -Nekuda kwechikanganiso mukushandiswa kwe epair virtual network interfaces, mushandisi ane PRIV_NET_IFCREATE kana kodzero dzemidzi kubva kune yakasarudzika jeri nharaunda inogona kukonzera kernel kupaza kana kuita kodhi yavo nekodzero dzekernel.
- - hapana cheki yekumisa tambo neasina hunhu paunenge uchigadzira iyo "osrelease" sarudzo kuburikidza nejail_set system kufona, inobvumidza iwe kuti uwane zviri mukati meiyo iri padyo kernel memory zvimiro kana jeri nharaunda maneja anofona, kana tsigiro yekutanga jeri nested. nharaunda inogoneswa kuburikidza ne children.max parameter ( By default, kusikwa kwe nested jail environments zvinorambidzwa).
- -Kutarisisa zvisizvo kweropafadzo kana uchiwana mutyairi kuburikidza neoctl inobvumira mushandisi asina rusarura kuti aise firmware update yeNVM madivayiri.
- -Kutarisisa zvisizvo kweropafadzo kana uchiwana mutyairi kuburikidza neoctl inobvumira mushandisi asina rombo rakanaka kutumira mirairo kune firmware yeEmulex OneConnect network adapters.
- - nekutumira TCP SYN-ACK zvikamu zvakagadzirirwa neimwe nzira pamusoro peIPv6, imwe byte yekernel memory inogona kuburitswa pamusoro petiweki (iyo Traffic Kirasi munda haina kutangwa uye ine yakasara data).
- mu ntpd nguva yekuwiriranisa daemon inogona kushandiswa kukonzera kuramba sevhisi (zvichikonzera kuti ntpd process iparare).
Source: opennet.ru