Kqueue FreeBSD Vulnerability
An independent Polish information security consultant, Przemyslaw Frasunek, discovered a bug in FreeBSD 6.0 - 6.4 that allowed him to get root-to-local users. the online edition http://www.theregister.co.uk informs us.
A bug from the category " race condition bugs " was found by him in the event notification interface, Kqueue leads to an attempt to dereference a NULL pointer in kernel mode. thus, there is a danger of exploiting this hole by slipping its code to launch the malvara, etc., by placing it on the memory page, which is sent to this address, 0x0.
as Przemyslaw Frasunek himself reports, he notified the FreeBSD community about this bug on August 29, 2009, but it seems that for some reason his letter has not been studied by freebies.
funny (or rather, deplorable), and at the same time, it is unclear in which exact versions of fries this bug exists. The article says about version 6.0-6.4, and the screenshot showing the exploit in action shows work under Fribzd 7.2.
')
as for freebzd community, the corresponding reaction to this news has already followed .
ps: link to the source
pps: could not transfer to the blog about fribzd on habr , since I don't have enough karma; (
A bug from the category " race condition bugs " was found by him in the event notification interface, Kqueue leads to an attempt to dereference a NULL pointer in kernel mode. thus, there is a danger of exploiting this hole by slipping its code to launch the malvara, etc., by placing it on the memory page, which is sent to this address, 0x0.
as Przemyslaw Frasunek himself reports, he notified the FreeBSD community about this bug on August 29, 2009, but it seems that for some reason his letter has not been studied by freebies.
funny (or rather, deplorable), and at the same time, it is unclear in which exact versions of fries this bug exists. The article says about version 6.0-6.4, and the screenshot showing the exploit in action shows work under Fribzd 7.2.
')
as for freebzd community, the corresponding reaction to this news has already followed .
ps: link to the source
pps: could not transfer to the blog about fribzd on habr , since I don't have enough karma; (
Source: https://habr.com/ru/post/69775/
All Articles