Release date:
Updated on:
Affected Systems:
FreeBSD 7.4
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56654
CVE (CAN) ID: CVE-2012-4576
FreeBSD is a UNIX operating system and an important branch of Unix developed from BSD, 386BSD, and 4.4BSD.
FreeBSD provides Linux binary compatibility through a loadable kernel module or an optional kernel component. A programming error in the handling of certain Linux system calls allows some memory locations to be accessed without proper validation. As a result, a local attacker can overwrite some locations in kernel memory, leading to privilege escalation or a system crash.
<* Source: Mateusz Guzik
Link: http://www.freebsd.org/security/advisories/FreeBSD-SA-12:08.linux.asc
*>
Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
The following command checks whether the Linux binary compatibility layer is loaded:
# kldstat -m linuxelf
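The kldstat check above, extended into a small exposure audit. This is an added example, not part of the advisory or of FreeBSD's own tooling. Besides the runtime module test it reads the linux_enable (rc.conf) and linux_load (loader.conf) knobs, which the page does not mention; the function names and status words are hypothetical.

```shell
#!/bin/sh
# Added example: report whether the Linux compatibility layer is loaded now
# or configured to load at boot. File paths are parameters so the parser can
# be exercised on constructed input.

# knob_enabled FILE KNOB: succeed if the last uncommented KNOB= assignment
# in FILE holds an affirmative value (YES/TRUE/ON/1, case-insensitive).
knob_enabled() {
    [ -r "$1" ] || return 1
    val=$(sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" | tail -n 1)
    case $(printf '%s' "$val" | tr '[:upper:]' '[:lower:]') in
        yes|true|on|1) return 0 ;;
        *) return 1 ;;
    esac
}

# linux_compat_loaded: succeed if the linuxelf module is registered with the
# running kernel (the advisory's check). Fails where kldstat is unavailable.
linux_compat_loaded() {
    command -v kldstat >/dev/null 2>&1 && kldstat -m linuxelf >/dev/null 2>&1
}

# audit_linux_compat RCCONF LOADERCONF: print one status word.
#   loaded     - module is active in the running kernel
#   configured - not active now, but set to load at boot
#   inactive   - neither loaded nor configured
audit_linux_compat() {
    if linux_compat_loaded; then
        echo loaded
    elif knob_enabled "$1" linux_enable || knob_enabled "$2" linux_load; then
        echo configured
    else
        echo inactive
    fi
}

# Audit the live system using the default configuration paths.
audit_linux_compat /etc/rc.conf /boot/loader.conf
```

Hosts reporting "loaded" or "configured" are the ones to prioritise for the vendor patch below.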
Vendor patch:
FreeBSD
-------
FreeBSD has released a security advisory (FreeBSD-SA-12:08.linux) and patches for this:
FreeBSD-SA-12:08.linux: Linux compatibility layer input validation error
CVE link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4576
Announcement link: http://www.freebsd.org/security/advisories/FreeBSD-SA-12:08.linux.asc
Link to patch: http://security.FreeBSD.org/patches/SA-12:08/linux.patch