Date: Sun, 10 Aug 2003 20:33:16 -1000 From: Jason Dambrosio <jason@wiz.cx> To: FreeBSD Security Advisories <security@freebsd.org> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:09.signal Message-ID: <20030811063316.GA85000@tekgenesis.net> In-Reply-To: <200308110257.h7B2v6YJ061278@freefall.freebsd.org> References: <200308110257.h7B2v6YJ061278@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 10, 2003 at 07:57:06PM -0700, FreeBSD Security Advisories wrote:
> II. Problem Description
>
> Some mechanisms for causing a signal to be sent did not properly
> validate the signal number, in some cases allowing the kernel to
> attempt to deliver a negative or out-of-range signal number. Such
> errors were present in the ptrace(2) system call and the `spigot'
> video capture device driver.
>
> The error in ptrace(2) was introduced in FreeBSD version 4.2-RELEASE
> (4-STABLE dated Oct 26 04:34:41 2000 UTC).
...
> IV. Workaround
>
> There is no workaround for the local denial-of-service attack.
Wouldn't a possible workaround be, to load a kld module that would
replace the ptrace(2) system call with a patched one? I remember doing
such a trick for modifying other system calls using kld modules...
Jason
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030811063316.GA85000>