Release date:
Updated on:
Affected Systems:
FreeBSD 8.x
FreeBSD 7.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 44782
Cve id: CVE-2010-4210
FreeBSD is an open-source Unix system that runs on the Intel Platform and can be freely used.
The pfs_getextattr (9) function used in FreeBSD's pseudo FS module to process extended attributes tries to unlock the mutex that has not been locked before. Attackers can overwrite any memory location in the kernel with 0 on a system that loads a file system using pseudo-DOFs and allows empty page ing, in some cases, arbitrary code can be executed in the kernel environment.
On a system that does not allow blank page ing, attackers can make the FreeBSD kernel busy.
<* Source: Przemyslaw Frasunek (venglin@freebsd.lublin.pl)
Link: http://secunia.com/advisories/42200/
Ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-10:09.pseudofs.asc
*>
Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
* Uninstall procfs (5) and linprocfs (5 ).
Vendor patch:
FreeBSD
-------
FreeBSD has released a Security Bulletin (FreeBSD-SA-10: 09) and patches for this:
FreeBSD-SA-10: 09: Spurious mutex unlock
Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-10:09.pseudofs.asc
Patch download:
Perform one of the following steps;
1) Upgrade the vulnerable system to the 7-STABLE or 8-STABLE, or the RELENG_7_1 Security version after the modification date.
2) If you want to upgrade the system with vulnerabilities through the source code path:
The following patch confirms that it can be applied to the FreeBSD 7.1 system.
A) download the patches from the following locations and use the PGP tool to verify the attached PGP signature.
# Fetch http://security.FreeBSD.org/patches/SA-10:09/pseudofs.patch
# Fetch http://security.FreeBSD.org/patches/SA-10:09/pseudofs.patch.asc
B) run the following command as root:
# Cd/usr/src
# Patch </path/to/patch
C) recompile the kernel and restart the system as described in <URL: http://www.FreeBSD.org/handbook/kernelconfig.html>.