KwiFreeBSD ukuba sesichengeni (CVE-2019-5611) ekuvumela ukuba wenze i-kernel crash (packet-of-death) ngokuthumela iipakethi ze-ICMPv6 MLD ezicandeke ngokukodwa (). Ingxaki ukunqongophala koqwalaselo oluyimfuneko kum_pulldown() ifowuni, enokubangela ukuba kubuyiswe imbufs ezingadibananga, ngokuchaseneyo nolindelo lomfowuni.
Ukuba sesichengeni kuhlaziyo 12.0-UKUKHULULWA-p10, 11.3-UKUKHULULWA-p3 kunye no-11.2-UKUKHULULWA-p14. Njengomsebenzi wokhuseleko, unokukhubaza ulwahlulo lwenkxaso ye-IPv6 okanye iinketho zeheader zokucoca kwi-firewall. (Hop-by-Hop). Okubangel’ umdla kukuba, impazamo ebangela ubuthathaka yafunyanwa ngo-2006 yaza yalungiswa kwi-OpenBSD, NetBSD, kunye macOS, kodwa ayizange ilungiswe kwiFreeBSD, nangona abaphuhlisi beFreeBSD bexelelwe ngale ngxaki.
Unokuqaphela kwakhona ukupheliswa kobuthathaka obungakumbi kwiFreeBSD:
- — ukuphuphuma kwekhawunta yereferensi yezakhiwo zedatha kwimqueuefs xa kusetyenziswa amathala eencwadi angama-32-bit kwindawo ye-64-bit (32-bit compat). Ingxaki yenzeka xa kuvumela i-mqueuefs, engasebenziyo ngokungagqibekanga, kwaye inokukhokelela kunikezelo kwiifayile, abalawuli kunye neziseko ezivulwe ngeenkqubo zabanye abasebenzisi, okanye ukufikelela kwiifayile zangaphandle ukusuka kwimeko-bume yejele. Ukuba umsebenzisi unengcambu yokufikelela entolongweni, ubuthathaka buvumela umntu ukuba afumane ukufikelela kweengcambu kwicala lendawo yomkhosi.
- - Ingxaki enokufikelela kwimisonto emininzi kwisixhobo /dev/midistat xa imeko yomdyarho isenzeka ingakhokelela kwiindawo zokufunda zememori yekernel ngaphandle kwemida yebuffer eyabelwe i-midistat. Kwiinkqubo ze-32-bit, umzamo wokusebenzisa ubuthathaka ukhokelela kwingozi ye-kernel, kwaye kwiisistim ze-64-bit ivumela umntu ukuba afumane imixholo yeendawo ezingaqondakaliyo zememori ye-kernel.
umthombo: opennet.ru
