The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


NetBSD Security Advisory 2006-001: Kernfs kernel memory disclosure


<< Previous INDEX Search src / Print Next >>
From: NetBSD Security Officer <security-officer@NetBSD.org.>
To: [email protected]
Subject: NetBSD Security Advisory 2006-001: Kernfs kernel memory disclosure
Date: Mon, 09 Jan 2006 09:53:25 -0600
Message-ID: <23927.1136822005@gendalia.org.>
X-Scan-Signature: 6ed09016de5471be4aed60f088f0311c
X-Virus-Scanned: antivirus-gw at tyumen.ru


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                 NetBSD Security Advisory 2006-001

Topic: Kernfs kernel memory disclosure Version: NetBSD-current: source prior to November 23, 2005 NetBSD 3.0: not affected NetBSD 2.1: affected NetBSD 2.0.3: affected NetBSD 2.0: affected NetBSD 1.6: affected Severity: kernel sensitive information can be disclosed Fixed: NetBSD-current: November 23, 2005 NetBSD-3 branch: November 24, 2005 NetBSD-2.1 branch: November 29, 2005 NetBSD-2.0 branch: November 29, 2005 NetBSD-2 branch: November 29, 2005 NetBSD-1.6 branch: November 29, 2005 Abstract ======== The kernfs filesystem does not validate file offsets properly and a userlevel non-privileged process can read arbitrary kernel memory locations. Technical Details ================= The lseek(2) system call for the kernfs file system has insufficient bounds checking, allowing arbitrary memory locations to be read. Solutions and Workarounds
A workaround for the issue is to not mount the kernfs file system. For all NetBSD versions, you need to obtain fixed kernel sources, rebuild and install the new kernel, and reboot the system. The fixed source may be obtained from the NetBSD CVS repository. The following instructions briefly summarise how to upgrade your kernel. In these instructions, replace: ARCH with your architecture (from uname -m), and KERNCONF with the name of your kernel configuration file. To update from CVS, re-build, and re-install the kernel: # cd src # cvs update -d -P sys/miscfs/kernfs/kernfs_vnops.c # ./build.sh kernel=KERNCONF # mv /netbsd /netbsd.old # cp sys/arch/ARCH/compile/obj/KERNCONF/netbsd /netbsd # shutdown -r now For more information on how to do this, see: http://www.NetBSD.org/guide/en/chap-kernel.html Thanks To ========= Ejovi Nuwere from SecurityLab for reporting the bug and Christos Zoulas for the fix. Revision History ================ 2006-01-09 Initial release More Information ================ Advisories may be updated as new information becomes available. The most recent version of this advisory (PGP signed) can be found at ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc Information about NetBSD and NetBSD security can be found at http://www.NetBSD.org/ and http://www.NetBSD.org/Security/. Copyright 2006, The NetBSD Foundation, Inc. All Rights Reserved. Redistribution permitted only in full, unmodified form. $NetBSD: NetBSD-SA2006-001.txt,v 1.5 2006/01/09 14:48:35 gendalia Exp $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (NetBSD) iQCVAwUBQ8J3+z5Ru2/4N2IFAQIizAP/V8ad1aW7fMvDFdymQveBoW0U+7+tJgoV lzIbV7gt8tkDw0jANVqvorLoy0bC09YxnsvG/MmEwjvt6OHl80i1xd4idWhBIwSc 3NsjNd0RKiaf1Xj8pGDiuiJI8+c/2+LMhdtuXKPu7WM4EMVj7NHmxxZlzH6bFJTI eEunu2Me4ms= =Z6b1 -----END PGP SIGNATURE-----

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру