Remote DoS vulnerability in the FreeBSD IPv6 stack

A vulnerability (CVE-2019-5611) has been fixed in FreeBSD that makes it possible to crash the kernel (packet-of-death) by sending specially fragmented ICMPv6 MLD (Multicast Listener Discovery) packets. The problem is caused by a missing required check in the m_pulldown() call, which can result in non-contiguous mbufs being returned, contrary to the caller's expectations.

The vulnerability is fixed in updates 12.0-RELEASE-p10, 11.3-RELEASE-p3 and 11.2-RELEASE-p14. As a workaround, you can disable fragmentation support for IPv6 or filter HBH (Hop-by-Hop) header options on the firewall. Interestingly, the bug that leads to the vulnerability was identified back in 2006 and fixed in OpenBSD, NetBSD and macOS, but remained unfixed in FreeBSD, even though the FreeBSD developers had been notified of the problem.
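
Both workarounds act on the IPv6 extension-header chain. The sketch below is an added example, not code from FreeBSD or from the original article: it walks that chain and reports which packets each workaround would refuse. The function names, the workaround labels and the constructed sample packets are assumptions made for illustration.

```python
import struct

HBH, ROUTING, FRAGMENT, ICMPV6, DSTOPTS = 0, 43, 44, 58, 60
MLD_TYPES = {130, 131, 132, 143}  # query, v1 report, done, v2 report

def classify(pkt: bytes) -> dict:
    """Walk the IPv6 extension-header chain of one raw packet."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    info = {"hbh": False, "fragment": False, "mld": False}
    nxt, off = pkt[6], 40
    while off + 8 <= len(pkt):  # stop on truncated headers
        if nxt in (HBH, ROUTING, DSTOPTS):
            info["hbh"] = info["hbh"] or nxt == HBH
            nxt, off = pkt[off], off + (pkt[off + 1] + 1) * 8
        elif nxt == FRAGMENT:
            info["fragment"] = True
            frag_off = struct.unpack_from("!H", pkt, off + 2)[0] >> 3
            nxt, off = pkt[off], off + 8
            if frag_off:  # non-first fragment: no upper-layer header here
                break
        else:
            info["mld"] = nxt == ICMPV6 and pkt[off] in MLD_TYPES
            break
    return info

def dropped_by(pkt: bytes, workaround: str) -> bool:
    """workaround: 'no-frag' (refuse IPv6 fragments) or 'no-hbh' (filter HBH)."""
    info = classify(pkt)
    return info["fragment"] if workaround == "no-frag" else info["hbh"]

# Constructed sample packets (checksums zeroed; used for parsing only).
def ipv6(nxt, payload):
    addrs = bytes.fromhex("fe80" + "00" * 13 + "01" + "ff02" + "00" * 13 + "01")
    return struct.pack("!IHBB", 6 << 28, len(payload), nxt, 1) + addrs + payload

def hbh(nxt):  # Hop-by-Hop header carrying Router Alert + PadN
    return bytes([nxt, 0, 5, 2, 0, 0, 1, 0])

MLD_QUERY = bytes([130, 0, 0, 0]) + bytes(20)
ECHO = ipv6(ICMPV6, bytes([128, 0, 0, 0, 0, 0, 0, 1]))
PLAIN_MLD = ipv6(HBH, hbh(ICMPV6) + MLD_QUERY)
FRAG_HDR = struct.pack("!BBHI", ICMPV6, 0, 1, 7)  # offset 0, more-fragments set
FRAG_MLD = ipv6(HBH, hbh(FRAGMENT) + FRAG_HDR + MLD_QUERY[:8])

if __name__ == "__main__":
    for name, p in (("echo", ECHO), ("mld", PLAIN_MLD), ("frag-mld", FRAG_MLD)):
        print(name, classify(p), dropped_by(p, "no-frag"), dropped_by(p, "no-hbh"))
```

The unfragmented MLD query is also refused under `no-hbh`: MLD messages normally carry a Hop-by-Hop Router Alert option, so filtering HBH drops legitimate MLD traffic as well.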

Two other vulnerabilities fixed in FreeBSD are also worth noting:

  • CVE-2019-5603 - an overflow of the reference counter for data structures in mqueuefs when 32-bit libraries are used in a 64-bit environment (32-bit compat). The problem occurs when mqueuefs, which is not enabled by default, is turned on, and can lead to access to files, directories and sockets opened by other users' processes, or to access to external files from within a jail environment. If the user has access to a jail, the vulnerability allows gaining root on the host environment side.
  • CVE-2019-5612 - a problem with multithreaded access to the /dev/midistat device: when a race condition occurs, it can lead to kernel memory being read outside the bounds of the buffer allocated for midistat. On 32-bit systems, an attempt to exploit the vulnerability leads to a kernel crash, while on 64-bit systems it allows the contents of arbitrary kernel memory areas to be discovered.

Source: opennet.ru
