Ku-FreeBSD ubungozi (CVE-2019-5611) obukuvumela ukuthi udale ukuphahlazeka kwekernel (iphakethe-lokufa) ngokuthumela amaphakethe e-ICMPv6 MLD ahlukaniswe ngokukhethekile (). Inkinga ukuntuleka kokuhlola okudingekayo kukholi m_pulldown(), okungase kuphumele ekubuyiselweni kwe-mbufs engahlangani, ngokuphambene nalokho okushayayo okulindele.
Ukuba sengozini kuzibuyekezo 12.0-KHISHWA-p10, 11.3-KHISHWA-p3 kanye no-11.2-KHISHWA-p14. Njengendlela yokuphepha, ungakhubaza ukusekelwa kokuhlukana kwe-IPv6 noma izinketho zesihloko sokuhlunga ku-firewall. (Hop-by-Hop). Kuyathakazelisa ukuthi iphutha eliholela ekubeni sengozini likhonjwe emuva ngo-2006 futhi lalungiswa ku-OpenBSD, NetBSD kanye ne-macOS, kodwa lahlala lingalungisiwe kuFreeBSD, naphezu kweqiniso lokuthi abathuthukisi beFreeBSD bazisiwe ngale nkinga.
Ungaqaphela futhi ukuqedwa kobungozi obubili ku-FreeBSD:
- β ukuchichima kwekhawunta yereferensi yezakhiwo zedatha kuma-mqueuefs uma kusetshenziswa amalabhulali angamabhithi angu-32 endaweni engamabhithi angu-64 (i-comat engu-32-bit). Inkinga izibonakalisa lapho inika amandla ama-mqueuef, angasebenzi ngokuzenzakalela, futhi engaholela ekufinyeleleni kumafayela, izinkomba namasokhethi avulwe yizinqubo zabanye abasebenzisi, noma ukufinyelela amafayela angaphandle avela endaweni yejele. Uma umsebenzisi enokufinyelela kwezimpande ejele, ukuba sengozini kuvumela umuntu ukuthi athole ukufinyelela kwezimpande ohlangothini lwendawo yosokhaya.
- - inkinga ngokufinyelela okunemicu eminingi kudivayisi/dev/midistat lapho isimo somjaho senzeka kungaholela ekufundeni izindawo zememori ye-kernel ngaphandle kwemingcele yesibhafa esabelwe i-midistat. Kuzinhlelo ze-32-bit, umzamo wokuxhaphaza ubungozi uholela ekuphahlazekeni kwe-kernel, futhi ezinhlelweni ze-64-bit ivumela umuntu ukuthi athole okuqukethwe kwezindawo ezingafanele zememori ye-kernel.
Source: opennet.ru