Remotely exploitable root vulnerability in the ping utility included with FreeBSD

A vulnerability (CVE-2022-23093) has been identified in the ping utility included in the FreeBSD base distribution. The issue could lead to remote code execution with root privileges when pinging an external host controlled by an attacker. A fix was provided in the FreeBSD updates 13.1-RELEASE-p5, 12.4-RC2-p2 and 12.3-RELEASE-p10. It is not yet clear whether other BSD systems are affected by the identified vulnerability (there are currently no vulnerability reports for NetBSD, DragonFlyBSD or OpenBSD).

The vulnerability is caused by a buffer overflow in the code that parses ICMP messages received in response to a probe request. The code that sends and receives ICMP messages in ping uses raw sockets and runs with elevated privileges (the utility ships with the setuid root flag). The response is processed on the ping side by reconstructing the IP and ICMP headers of the packets received from the raw socket. The extracted IP and ICMP headers are copied into buffers by pr_pack(), without taking into account that additional extended headers may be present in the packet after the IP header.

Such headers are extracted from the packet and included in the header block, but they are not taken into account when the buffer size is calculated. If the host, in response to the ICMP request that was sent, returns a packet with additional headers, their contents are written to an area beyond the buffer boundary on the stack. As a result, an attacker can overwrite up to 40 bytes of data on the stack, which potentially allows their code to execute. The severity of the problem is reduced by the fact that, at the time the error occurs, the process is in an isolated state (capability mode), which makes it difficult to reach the rest of the system after exploiting the vulnerability.
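The following C example is added here and is not taken from FreeBSD's ping or its patch; `copy_ip_header` and `make_reply` are hypothetical names and the packet is constructed. It shows the check the description above calls for: the copy length is derived from the IHL field of the received packet, and a reply whose IP header, extended headers included, does not fit the destination buffer is rejected instead of copied.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IP_HDR_MIN 20  /* IPv4 header without extended headers */
#define IP_HDR_MAX 60  /* IHL is 4 bits, so at most 15 * 4 bytes */
#define ICMP_MIN    8  /* ICMP echo header */

/* Hypothetical helper, not FreeBSD's pr_pack(): copy the IPv4 header
 * (extended headers included) of a received packet into dst.
 * Returns the IP header length in bytes, or -1 if the packet is rejected. */
int copy_ip_header(const uint8_t *pkt, size_t pkt_len,
                   uint8_t *dst, size_t dst_len)
{
    size_t hlen;

    if (pkt == NULL || dst == NULL || pkt_len < IP_HDR_MIN)
        return -1;
    if ((pkt[0] >> 4) != 4)                 /* not IPv4 */
        return -1;
    hlen = (size_t)(pkt[0] & 0x0f) * 4;     /* length claimed by the sender */
    if (hlen < IP_HDR_MIN || hlen > IP_HDR_MAX)
        return -1;
    if (hlen + ICMP_MIN > pkt_len)          /* IP or ICMP header truncated */
        return -1;
    if (hlen > dst_len)                     /* would overrun the destination */
        return -1;
    memcpy(dst, pkt, hlen);
    return (int)hlen;
}

/* Constructed sample: build a reply with the given IHL (in 32-bit words). */
size_t make_reply(uint8_t *buf, unsigned ihl_words)
{
    size_t len = (size_t)ihl_words * 4 + ICMP_MIN;
    memset(buf, 0, len);
    buf[0] = (uint8_t)(0x40 | (ihl_words & 0x0f));
    return len;
}

int main(void)
{
    uint8_t pkt[IP_HDR_MAX + ICMP_MIN], small[IP_HDR_MIN], full[IP_HDR_MAX];
    size_t n = make_reply(pkt, 15);         /* 20-byte header + 40 extra bytes */

    printf("20-byte buffer: %d\n", copy_ip_header(pkt, n, small, sizeof small));
    printf("60-byte buffer: %d\n", copy_ip_header(pkt, n, full, sizeof full));
    return 0;
}
```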

Source: opennet.ru
