Date: Mon, 14 Sep 2009 12:12:50 -0700 From: Dan Goodin <dgoodin@sitpub.com> To: freebsd-questions@FreeBSD.org, press@FreeBSD.org, media@FreeBSD.org Subject: reporter on deadline seeks comment about reported security bug in FreeBSD Message-ID: <4AAE95B2.5050409@sitpub.com>
next in thread | raw e-mail | index | archive | help
Hello, Dan Goodin, a reporter at technology news website The Register. Security researcher Przemyslaw Frasunek says versions 6.x through 6.4 of FreeBSD has a security bug. He says he notified the FreeBSD Foundation on August 29 and never got a response. We'll be writing a brief article about this. Please let me know ASAP if someone cares to comment. Kind regards, Dan Goodin 415-495-5411 -------- Original Message -------- Subject: Re: [Full-disclosure] FreeBSD <= 6.1 kqueue() NULL pointer dereference Date: Sun, 13 Sep 2009 10:49:33 +0200 From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl> Organization: frasunek.com To: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com References: <4A9028AC.9080902@freebsd.lublin.pl> Przemyslaw Frasunek pisze: > FreeBSD <= 6.1 suffers from classical check/use race condition on SMP There is yet another kqueue related vulnerability. It affects 6.x, up to 6.4-STABLE. FreeBSD security team was notified on 29th Aug, but there is no response until now, so I won't publish any details. Sucessful exploitation yields local root and allows to exit from jail. For now, you can see demo on: http://www.vimeo.com/6554787 -- * Fido: 2:480/124 ** WWW: http://www.frasunek.com ** NICHDL: PMF9-RIPE * * Jabber ID: venglin@czuby.pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ5JIV * _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4AAE95B2.5050409>