Date: Mon, 30 Nov 2009 22:28:58 -0600
From: Bryan Drewery <bryan@xzibition.com>
To: cperciva@freebsd.org
Cc: freebsd-security@freebsd.org
Subject: Re: Upcoming FreeBSD Security Advisory
Message-ID: <4B149B8A.80100@xzibition.com>
In-Reply-To: <200912010120.nB11Koo2088364@freefall.freebsd.org>
References: <200912010120.nB11Koo2088364@freefall.freebsd.org>

Colin,

Thank you so much for alerting us and providing a temporary patch.

I had a user attempt to use the public exploit today, but due to /tmp
being noexec, it failed. Luckily I caught him before he modified the
script to work though.

Now I am patched and can sleep tonight :)

Thanks,
Bryan

FreeBSD Security Officer wrote:
> Hi all,
>
> A short time ago a "local root" exploit was posted to the full-disclosure
> mailing list; as the name suggests, this allows a local user to execute
> arbitrary code as root.
>
> Normally it is the policy of the FreeBSD Security Team to not publicly
> discuss security issues until an advisory is ready, but in this case
> since exploit code is already widely available I want to make a patch
> available ASAP. Due to the short timeline, it is possible that this
> patch will not be the final version which is provided when an advisory
> is sent out; it is even possible (although highly doubtful) that this
> patch does not fully fix the issue or introduces new issues -- in short,
> use at your own risk (even more than usual).
>
> The patch is at
> http://people.freebsd.org/~cperciva/rtld.patch
> and has SHA256 hash
> ffcba0c20335dd83e9ac0d0e920faf5b4aedf366ee5a41f548b95027e3b770c1
>
> I expect a full security advisory concerning this issue will go out on
> Wednesday December 2nd.