Date: Mon, 9 Mar 2020 19:40:22 +0100
From: Miroslav Lachman <000.fbsd@quip.cz>
To: Eugene Grosbein <eugen@grosbein.net>, Cy Schubert <Cy.Schubert@cschubert.com>, freebsd-security@freebsd.org
Subject: Re: Critical PPP Daemon Flaw
Message-ID: <0898efde-0d5e-68a0-6969-ec096f19a5da@quip.cz>
In-Reply-To: <efc25a68-9bfa-5838-eaef-a2f6a6817ac2@grosbein.net>
References: <13df3361-87b6-c6c1-e79d-2bbdd0146518@quip.cz> <5FD9E59C-1B15-4B07-AA5E-1B6F40CBDD08@cschubert.com> <efc25a68-9bfa-5838-eaef-a2f6a6817ac2@grosbein.net>
Eugene Grosbein wrote on 2020/03/09 18:15:
> 09.03.2020 20:49, Cy Schubert wrote:
>
>> On March 9, 2020 4:23:10 AM PDT, Miroslav Lachman <000.fbsd@quip.cz> wrote:
>>> I don't know if FreeBSD is vulnerable or not. There are main Linux
>>> distros and NetBSD listed in the article.
>>>
>>> https://thehackernews.com/2020/03/ppp-daemon-vulnerability.html
>>>
>>> The vulnerability, tracked as CVE-2020-8597 [1] with CVSS Score 9.8, can
>>> be exploited by unauthenticated attackers to remotely execute arbitrary
>>> code on affected systems and take full control over them.
>>>
>>> [1] https://www.kb.cert.org/vuls/id/782301/
>>
>> Probably not. Ours is a different codebase from NetBSD.
>> I haven't looked at what Red Hat has, no comment about theirs.
>> However it would be prudent to verify our pppd isn't also vulnerable.
>
> We have no pppd at all, in any supported branch.
>
> We had pppd(8) and the ppp(4) kernel driver used by pppd up to FreeBSD 7,
> and they did panic the kernel if used with the MPSAFE knob enabled, because ppp(4) was not mp-safe.
> For that reason (and because nobody updated the driver), both ppp(4) and pppd(8) were removed before 8.0-RELEASE.
>
> We have the net/mpd5 daemon that can be used instead of pppd, and mpd5 is not vulnerable
> due to its completely different code base, including the part parsing EAP messages.
>
> And, of course, we have the ppp(8) "user-ppp" utility.

Thank you for the clarification!

Kind regards
Miroslav Lachman