Date: Tue, 12 Mar 2002 10:49:31 -0500 From: Mike Tancsa <mike@sentex.net> To: Chris Faulhaber <jedgar@fxp.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: zlib and FreeBSD (was Re: RedHat advisory - RHSA-2002:026-35 zlib double free -- Is this 4.5-R-p1?) Message-ID: <5.1.0.14.0.20020312104817.0649e0c0@marble.sentex.ca> In-Reply-To: <20020312155216.GF94019@peitho.fxp.org> References: <5.1.0.14.0.20020312102633.027e5e40@marble.sentex.ca> <20020312145337.GB35955@madman.nectar.cc> <5.1.0.14.0.20020312102633.027e5e40@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Is this possible to happen in kernel space as well (e.g. somewhere in the
networking code) ? And if so, would that constitute a panic ?
---Mike
At 10:52 AM 3/12/02 -0500, Chris Faulhaber wrote:
>On Tue, Mar 12, 2002 at 10:29:06AM -0500, Mike Tancsa wrote:
> >
> > Hi,
> > Although it sounds like the bug is not exploitable on FreeBSD, is there a
> > potential for a Denial of Service still with systems prior to the Feb 22
> > commit?
> >
>
>With phkmalloc(3), normally you will just get:
>
>progname in free(): error: chunk is already free
>
>unless the 'A' malloc option is set, then the program will
>abort(3) which could be considered a Denial of Service.
>
>--
>Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
>--------------------------------------------------------
>FreeBSD: The Power To Serve - http://www.FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020312104817.0649e0c0>