Date: Thu, 23 Nov 2006 01:50:17 -0800 (PST) From: Tom Samplonius <tom@samplonius.org> To: "O. Hartmann" <ohartman@zedat.fu-berlin.de> Cc: freebsd-security@FreeBSD.org, freebsd-current@FreeBSD.org, FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679 Message-ID: <1273966.31164275417164.JavaMail.root@ly.sdf.com> In-Reply-To: <45656A3B.6000000@zedat.fu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
----- O. Hartmann <ohartman@zedat.fu-berlin.de> wrote: > Is for these UFS bugs in FreeBSD since 6.1 a fix uderway? > > See: > > http://projects.info-pull.com/mokb/ > > MOKB-08-11-2006,CVE-2006-5824, MOKB-03-11-2006,CVE-2006-5679 > Probably not. In both cases a "crafted filesystem" is mounted to trigger crash. Garbage in, garbage out. It is hardly exploitable, since only root can mount filesystems. And only root could "craft" a bogus filesystem to crash the kernel. If you are root, "reboot" is a far faster way to crash the system. What the MOKB people seem to leave out, is: do their "crafted filesystems" pass a "fsck -f"? If fsck says the filesystem is good, then the kernel should not crash. But I suspect that "fsck -f" would fix the filesystem. (BTW, "-f" is mandatory as I suspect that these "crafted filesystems" would have the clean flag set). If "fsck -f" fixes the filesystem, then both of these bugs are bogus. Tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1273966.31164275417164.JavaMail.root>