Date: Fri, 24 Nov 2006 08:22:39 +0100
From: "O. Hartmann" <ohartman@zedat.fu-berlin.de>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: freebsd-security@freebsd.org, freebsd-current@freebsd.org, FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679
Message-ID: <45669DBF.5030009@zedat.fu-berlin.de>
In-Reply-To: <20061123213656.GA26275@walton.maths.tcd.ie>
References: <45656A3B.6000000@zedat.fu-berlin.de> <20061123213656.GA26275@walton.maths.tcd.ie>

David Malone wrote:
> On Thu, Nov 23, 2006 at 10:30:35AM +0100, O. Hartmann wrote:
>> Is a fix underway for these UFS bugs in FreeBSD since 6.1?
>>
>> See:
>>
>> http://projects.info-pull.com/mokb/
>>
>> MOKB-08-11-2006,CVE-2006-5824, MOKB-03-11-2006,CVE-2006-5679
>
> These two bugs both seem to involve mounting deliberately corrupted
> UFS file systems. I'm not sure that many people allow this. To be
> honest, I'm surprised that they only list two bugs of this sort -
> UFS wasn't designed to be robust to working with accidentally corrupted
> filesystems, let alone ones corrupted maliciously!
>
> The usual response of UFS to a corrupted filesystem is to panic.
> I'm guessing it would have been easier to do:
>
>     grep panic /usr/src/sys/ufs/*/*.c
>
> to find a load of these bugs, rather than writing a fuzzing tool ;-)
>
> (That's not to say that it isn't worth improving things, it's just
> likely to be a large amount of work to fix this in a way that
> actually makes things better.)
>
> David.

These two bugs are shown for FreeBSD only and, I guess, Solaris and
other BSDs still use UFS. Are they more robust against this exploit or
type of exploit?

On the other hand, if these shown bugs aren't as serious as claimed by
the mentioned page, it sounds more like 'look, we also found on FreeBSD
something strange, not even on Linux'. But it is good to know and be
aware of.

Regards,
Oliver