FreeBSD fixes 6 vulnerabilities

Six vulnerabilities have been fixed in FreeBSD that make it possible to carry out a DoS attack, escape from a jail environment, or gain access to kernel data. The issues are fixed in updates 12.1-RELEASE-p3 and 11.3-RELEASE-p7.

  • CVE-2020-7452 - due to a bug in the implementation of the epair virtual network interfaces, a user with PRIV_NET_IFCREATE or root privileges inside an isolated jail environment can cause the kernel to crash or execute their own code with kernel privileges.
  • CVE-2020-7453 - a missing check for null termination of the string when processing the "osrelease" option via the jail_set system call allows the contents of adjacent kernel structures to be obtained when the jail environment administrator calls jail_get, if support for launching nested jail environments is enabled via the children.max parameter (by default, nested jail environments are disabled).
  • CVE-2019-15877 - an incorrect privilege check when accessing the ixl driver via ioctl allows an unprivileged user to install a firmware update for NVM devices.
  • CVE-2019-15876 - an incorrect privilege check when accessing the oce driver via ioctl allows an unprivileged user to send commands to the firmware of Emulex OneConnect network adapters.
  • CVE-2020-7451 - by sending specially crafted TCP SYN-ACK segments over IPv6, one byte of kernel memory can leak to the network (the Traffic Class field is not initialized and contains residual data).
  • Three bugs in the ntpd time synchronization daemon can be used to cause a denial of service (causing the ntpd process to crash).
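The CVE-2020-7453 item above describes a setter that stores a string without checking its terminator and a getter that later reads the field as a string. The following C program is an added illustration, not FreeBSD source or code from the original page: it is a userspace model with constructed names and sizes (`jail_model`, `OSREL_MAX`, `set_osrelease_*`, `get_osrelease_size`) that puts a length-only check beside one that also requires the terminator.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Userspace model only; names and sizes are constructed for illustration. */
#define OSREL_MAX 32                /* size of the stored osrelease field */
#define REGION    (OSREL_MAX + 16)  /* the field plus adjacent data */

/* Bytes [0, OSREL_MAX) hold osrelease; the rest stands in for neighbours. */
struct jail_model { char mem[REGION]; };

void model_init(struct jail_model *j) {
    memset(j->mem, 0, sizeof(j->mem));
    memcpy(j->mem + OSREL_MAX, "ADJACENT-DATA", 14); /* 13 chars + NUL */
}

/* "Before": only the length is bounded, so a value that fills the whole
 * field and carries no terminator is accepted. */
int set_osrelease_unchecked(struct jail_model *j, const char *opt, size_t len) {
    if (len == 0 || len > OSREL_MAX)
        return -1;
    memcpy(j->mem, opt, len);
    return 0;
}

/* Hardened: also require the last supplied byte to be NUL, so the stored
 * value is always a terminated string inside its own field. */
int set_osrelease_checked(struct jail_model *j, const char *opt, size_t len) {
    if (len == 0 || len > OSREL_MAX || opt[len - 1] != '\0')
        return -1;
    memcpy(j->mem, opt, len);
    return 0;
}

/* Models a getter that treats the field as a C string: returns how many
 * bytes it would copy out, terminator included. */
size_t get_osrelease_size(const struct jail_model *j) {
    const char *end = memchr(j->mem, '\0', REGION);
    return end ? (size_t)(end - j->mem) + 1 : (size_t)REGION;
}

int main(void) {
    struct jail_model j;
    char full[OSREL_MAX];
    memset(full, 'A', sizeof(full));          /* constructed input, no NUL */
    model_init(&j);
    int rc = set_osrelease_unchecked(&j, full, sizeof(full));
    printf("unchecked: rc=%d, getter returns %zu bytes\n", rc, get_osrelease_size(&j));
    model_init(&j);
    rc = set_osrelease_checked(&j, full, sizeof(full));
    printf("checked:   rc=%d, getter returns %zu bytes\n", rc, get_osrelease_size(&j));
    return 0;
}
```

With the length-only check the getter's result exceeds `OSREL_MAX`, meaning bytes beyond the field would be returned; with the terminator check the same input is rejected at set time.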

Source: opennet.ru
