[FUG-BR] FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer
Thiago Gomes
thiagomespb em gmail.com
Segunda Março 23 09:25:12 BRT 2009
Só uma dúvida.
Se eu baixar a versão do FreeBSD 7.1 essa correção já seria corrigida ?
ou terei que implementar todas as correções que foram descobertas apos
o lançamento da 7.1 ?
2009/3/23 Welkson Renny de Medeiros <welkson em focusautomacao.com.br>:
> Acredito que a grande maioria deve receber essas notificações... mas segue...
>
> Welkson
>
>
> Today's Topics:
>
> 1. FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer
> (FreeBSD Security Advisories)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 23 Mar 2009 00:09:12 GMT
> From: FreeBSD Security Advisories <security-advisories em freebsd.org>
> Subject: FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer
> To: FreeBSD Security Advisories <security-advisories em freebsd.org>
> Message-ID: <200903230009.n2N09CEt065240 em freefall.freebsd.org>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> =============================================================================
> FreeBSD-SA-09:06.ktimer Security Advisory
> The FreeBSD Project
>
> Topic: Local privilege escalation
>
> Category: core
> Module: kern
> Announced: 2009-03-23
> Affects: FreeBSD 7.x
> Corrected: 2009-03-23 00:00:50 UTC (RELENG_7, 7.2-PRERELEASE)
> 2009-03-23 00:00:50 UTC (RELENG_7_1, 7.1-RELEASE-p4)
> 2009-03-23 00:00:50 UTC (RELENG_7_0, 7.0-RELEASE-p11)
> CVE Name: CVE-2009-1041
>
> For general information regarding FreeBSD Security Advisories,
> including descriptions of the fields above, security branches, and the
> following sections, please visit <URL:http://security.FreeBSD.org/>.
>
> I. Background
>
> In FreeBSD 7.0, support was introduced for per-process timers as defined
> in the POSIX realtime extensions. This allows a process to have a limited
> number of timers running at once, with various actions taken when each
> timer reaches zero.
>
> II. Problem Description
>
> An integer which specifies which timer a process wishes to operate upon is
> not properly bounds-checked.
>
> III. Impact
>
> An unprivileged process can overwrite an arbitrary location in kernel
> memory. This could be used to change the user ID of the process (in order
> to "become root"), to escape from a jail, or to bypass security mechanisms
> in other ways.
>
> IV. Workaround
>
> No workaround is available, but systems without untrusted local users are
> not vulnerable.
>
> V. Solution
>
> Perform one of the following:
>
> 1) Upgrade your vulnerable system to 7-STABLE, or to the RELENG_7_1
> or RELENG_7_0 security branch dated after the correction date.
>
> 2) To patch your present system:
>
> The following patch has been verified to apply to FreeBSD 7.0 and 7.1
> systems.
>
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
>
> # fetch http://security.FreeBSD.org/patches/SA-09:06/ktimer.patch
> # fetch http://security.FreeBSD.org/patches/SA-09:06/ktimer.patch.asc
>
> b) Apply the patch.
>
> # cd /usr/src
> # patch < /path/to/patch
>
> c) Recompile your kernel as described in
> <URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
> system.
>
> VI. Correction details
>
> The following list contains the revision numbers of each file that was
> corrected in FreeBSD.
>
> CVS:
>
> Branch Revision
> Path
> - -------------------------------------------------------------------------
> RELENG_7
> src/sys/kern/kern_time.c 1.142.2.3
> RELENG_7_1
> src/UPDATING 1.507.2.13.2.7
> src/sys/conf/newvers.sh 1.72.2.9.2.8
> src/sys/kern/kern_time.c 1.142.2.2.2.2
> RELENG_7_0
> src/UPDATING 1.507.2.3.2.15
> src/sys/conf/newvers.sh 1.72.2.5.2.15
> src/sys/kern/kern_time.c 1.142.4.1
> - -------------------------------------------------------------------------
>
> Subversion:
>
> Branch/path Revision
> - -------------------------------------------------------------------------
> stable/7/ r190301
> releng/7.1/ r190301
> releng/7.0/ r190301
> - -------------------------------------------------------------------------
>
> VII. References
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1041
>
> The latest revision of this advisory is available at
> http://security.FreeBSD.org/advisories/FreeBSD-SA-06:09.ktimer.asc
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (FreeBSD)
>
> iEYEARECAAYFAknG0hQACgkQFdaIBMps37JA4gCfaznvIWKB/AU0cv6ojZUhheD4
> MuYAnAp3wuz3E7gIX6VK7PeUVnPp/41o
> =MPIX
> -----END PGP SIGNATURE-----
>
>
> ------------------------------
>
> _______________________________________________
> freebsd-security-notifications em freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications
> To unsubscribe, send any mail to "freebsd-security-notifications-unsubscribe em freebsd.org"
>
> End of freebsd-security-notifications Digest, Vol 93, Issue 1
> *************************************************************
>
>
>
> --
> Welkson Renny de Medeiros
> Focus Automação Comercial
> Desenvolvimento / Gerência de Redes
> welkson em focusautomacao.com.br
>
>
>
> Powered by ....
>
> (__)
> \\\'',)
> \/ \ ^
> .\._/_)
>
> www.FreeBSD.org
>
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
Mais detalhes sobre a lista de discussão freebsd