Fix the length calculation for the final block of a sendfile(2)
transmission which could be tricked into rounding up to the nearest page size, leaking up to a page of kernel memory. [13:11] In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK at the socket layer rather than pass them on to the link layer without validation or credential checks. [SA-13:12] Prevent cross-mount hardlinks between different nullfs mounts of the same underlying filesystem. [SA-13:13] Security: CVE-2013-5666 Security: FreeBSD-SA-13:11.sendfile Security: CVE-2013-5691 Security: FreeBSD-SA-13:12.ifioctl Security: CVE-2013-5710 Security: FreeBSD-SA-13:13.nullfs Approved by: so
This commit is contained in:
Dag-Erling Smørgrav
parent
e8346ce7d0
commit
c4d9a19be3
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=42642
12 changed files with 620 additions and 0 deletions
|
|
@ -7,6 +7,26 @@
|
|||
<year>
|
||||
<name>2013</name>
|
||||
|
||||
<month>
|
||||
<name>9</name>
|
||||
|
||||
<day>
|
||||
<name>10</name>
|
||||
|
||||
<advisory>
|
||||
<name>FreeBSD-SA-13:13.nullfs</name>
|
||||
</advisory>
|
||||
|
||||
<advisory>
|
||||
<name>FreeBSD-SA-13:12.ifioctl</name>
|
||||
</advisory>
|
||||
|
||||
<advisory>
|
||||
<name>FreeBSD-SA-13:11.sendfile</name>
|
||||
</advisory>
|
||||
</day>
|
||||
</month>
|
||||
|
||||
<month>
|
||||
<name>8</name>
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue