The Inquirer-Home

TCP bug in FreeBSD causes crashes, memory leaks

Remote kernel issue spotted
Thu May 01 2014, 10:54

daemon-hammerA VULNERABILITY that recently surfaced in FreeBSD puts users at risk of crashes, memory leaks and denial of service attacks.

FreeBSD has issued an advisory about the situation and offered a workaround to mitigate the problem. It said that there is a definite risk of exploitation, and warned users to look out for "carefully crafted attacks" on sockets.

"An attacker who can send a series of specifically crafted packets with a connection could cause a denial of service situation by causing the kernel to crash," it said.

"Additionally, because the undefined on stack memory may be overwritten by other kernel threads, while extremely difficult, it may be possible for an attacker to construct a carefully crafted attack to obtain portion of kernel memory via a connected socket. This may result in the disclosure of sensitive information such as login credentials, etc. before or even without crashing the system."

A workaround is suggested and there is a patch that can be applied. Instructions for application are in the advisory. "It is possible to defend to these attacks by doing traffic normalisation using a firewall," said FreeBSD of its workaround.

The issue has raised comparisons with the Heartbleed OpenSSL bug and there are questions about whether the FreeBSD bug is worse than the information suggests. Users and commenters on Twitter are advising that patches should be installed as soon as possible, which is always good advice.

Heartbleed made much more of an immediate impact, and that vulnerability in OpenSSL led to a series of announcements, denials and dismissals from websites, software vendors and government agencies. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Microsoft's Windows 10 Preview has permission to watch your every move

Does Microsoft have the right to keylog users of its Windows 10 Technical Preview?