The maintainers of the FreeBSD running program have introduced updates to remediate a security vulnerability impacting the ping module that could be likely exploited to crash the software or cause remote code execution.
The issue, assigned the identifier CVE-2022-23093, impacts all supported variations of FreeBSD and concerns a stack-centered buffer overflow vulnerability in the ping service.
“ping reads uncooked IP packets from the network to approach responses in the pr_pack() perform,” in accordance to an advisory posted last week.
“The pr_pack() copies gained IP and ICMP headers into stack buffers for even more processing. In so performing, it fails to just take into account the probable presence of IP solution headers next the IP header in both the reaction or the quoted packet.”
As a consequence, the place buffer could be overflowed by up to 40 bytes when the IP possibility headers are present.
The FreeBSD Task famous that the ping procedure operates in a capability method sandbox and is for that reason constrained in how it can interact with the relaxation of the working procedure.
OPNsense, an open source, FreeBSD-dependent firewall and routing computer software, has also introduced a patch (edition 22.7.9) to plug the security gap, together with other issues.
The conclusions occur as researchers from Qualys thorough one more new vulnerability in the snap-confine program in the Linux running procedure, building on a past privilege escalation flaw (CVE-2021-44731) that came to gentle in February 2022.
Snaps are self-contained application offers that can be distributed by upstream developers to consumers.
The new shortcoming (CVE-2022-3328), launched as element of a patch for CVE-2021-44731, can be chained with two other flaws in multipathd referred to as Leeloo Multipath – an authorization bypass and a symlink attack tracked as CVE-2022-41974 and CVE-2022-41973 – to get root privileges.
Because the multipathd daemon operates by default as root, a productive exploitation of the flaws could empower an unprivileged risk actor to get hold of the highest permissions on the vulnerable host and execute arbitrary code.
Observed this article interesting? Comply with us on Twitter and LinkedIn to go through extra exceptional content material we put up.
Some parts of this post are sourced from: