Is FreeBSD vulnerable to Ghost?

FreeBSD uses its own libc implementation, just like all other BSDs. Yes, all Linux systems are affected by the bug, but BSDs are not affected.
 
The disclosure comes with a piece of C code that checks for the vulnerability. So let's use it...

Code:
% uname -rms
FreeBSD 9.3-STABLE amd64
%
% ls -lF /compat/linux/lib/libc[\.-]*
-rwxr-xr-x  1 root  wheel  1902892 Oct 15 03:36 /compat/linux/lib/libc-2.12.so*
lrwxr-xr-x  1 root  wheel  12 Oct 15 03:05 /compat/linux/lib/libc.so.6@ -> libc-2.12.so
% pkg which /compat/linux/lib/libc-2.12.so
/compat/linux/lib/libc-2.12.so was installed by package linux_base-c6-6.6_1
%
% md5 ghost.c
MD5 (ghost.c) = aa8dbce88e54027dbd4723ccd142f717
% /compat/linux/usr/bin/gcc ghost.c -o ghost
% file ghost
ghost: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, BuildID[sha1]=d7ef7a7900cb7da62e80420f22c69bb8e7e6a2f5, not stripped
% ldd ghost
ghost:
  libc.so.6 => /lib/libc.so.6 (0x28070000)
  /lib/ld-linux.so.2 (0x28049000)
%
% ./ghost
vulnerable
%
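
The session above shows that the test binary is a Linux ELF whose interpreter is /lib/ld-linux.so.2, which is why it loads the compat glibc and not FreeBSD's own libc. As an added example (not part of the original posts), this Python code reads the ELF header to tell Linux-ABI binaries from native FreeBSD ones; the function names and the sample image are constructed for illustration.

```python
import struct

PT_INTERP = 3            # program header type that names the runtime linker
ELFOSABI_FREEBSD = 9     # EI_OSABI value FreeBSD brands its own binaries with

def elf_interp(data):
    """Return (EI_OSABI, interpreter path or None); None if not a usable ELF."""
    if len(data) < 64 or data[:4] != b"\x7fELF":
        return None
    is64 = data[4] == 2                      # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"       # EI_DATA: 1 = little-endian
    if is64:   # ELF64: e_phoff at 32, e_phentsize/e_phnum at 54
        phoff, = struct.unpack_from(end + "Q", data, 32)
        entsize, num = struct.unpack_from(end + "HH", data, 54)
    else:      # ELF32: e_phoff at 28, e_phentsize/e_phnum at 42
        phoff, = struct.unpack_from(end + "I", data, 28)
        entsize, num = struct.unpack_from(end + "HH", data, 42)
    for i in range(num):
        base = phoff + i * entsize
        if base + (56 if is64 else 32) > len(data):
            break                            # truncated program header table
        if struct.unpack_from(end + "I", data, base)[0] != PT_INTERP:
            continue
        # p_offset, p_vaddr, p_paddr, p_filesz are consecutive in both layouts
        fmt, at = ("4Q", 8) if is64 else ("4I", 4)
        off, _, _, size = struct.unpack_from(end + fmt, data, base + at)
        path = data[off:off + size].split(b"\0")[0]
        return data[7], path.decode("ascii", "replace")
    return data[7], None

def classify(data):
    info = elf_interp(data)
    if info is None:
        return "not-elf"
    osabi, interp = info
    if interp is None:
        return "no-interpreter"      # static binary: libc cannot be inferred
    if "ld-linux" in interp:
        return "linux-abi"           # runs under Linux compat, loads glibc
    if osabi == ELFOSABI_FREEBSD or interp.startswith("/libexec/ld-elf"):
        return "freebsd-native"      # loads FreeBSD's own libc
    return "unknown"

def sample_elf32(osabi, interp):
    """Constructed minimal ELF32 image: header + one PT_INTERP entry + path."""
    path = interp.encode() + b"\0"
    ident = b"\x7fELF" + bytes([1, 1, 1, osabi]) + bytes(8)
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH", 2, 3, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_INTERP, 84, 0, 0, len(path), len(path), 4, 1)
    return ehdr + phdr + path
```

On a real system, pass the bytes of each installed executable to `classify()`; anything reported as `linux-abi` depends on the glibc under /compat/linux and should be judged by that library's patch status.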
 
Here I go again. This has got to be the coolest catch/repair I've ever seen, but it broke packet filter. After updating and rebooting just minutes ago, I fired up pftop as usual but it fails to run.

Code:
:~ # pftop
Pftop: open(“/dev/pf”): No such file or directory
So I switched from desktop mode to console (Ctrl/Alt[F1]) and this is in the boot text (I typed it by hand).

Code:
Starting ums0 moused.
Link_elf_obj: symbol altq_add undefined
Linker_load_file: Unsupported file type
KLD pflog.ko: depends on pf – not available or version mismatch
Linker_load_file: Unsupported file type
Kldload: an error occurred while loading the module.
/etc/rc: WARNING: Unable to load kernel module pflog
/etc/rc: WARNING: failed precmd routine for pflog
…
….
How do I roll back so I can try it again and again until I find out what went wrong? I did in fact upgrade to gcc-49 but clang is still the default and it built my custom kernel last night. I only added pf and ALTQ, and I removed stuff that my machine doesn't use. I've been using it all day with many reboots, as I do while testing other stuff that I do. So I know that the machine was in very good shape until now.

btw; I don't mix Linux in my FreeBSD.
 
This is really strange. I did a [shutdown now] in gnome terminal and it froze. It NEVER did that before. After a full 10 minutes I did a regular reboot … it rebooted but hung about a full minute before syncing disks began, then went to Single User Mode. I exited and went to console mode to get a clean reboot.

I found the perfect thread for this occasion just in case someone else has a problem.

https://forums.freebsd.org/threads/...er-freebsd-update-rollback.47315/#post-264339

Code:
# mount -u /
# mount -a
# freebsd-update rollback

Packet Filter is back. Now 10.1p4 is happy again. I’ll be trying again within 24 hours. Maybe it's all because I never enabled hald. It makes you wonder why it works for you and not for him. It could be something as simple as that.
 
After sleeping on it I realize doing it all over again would be useless because this latest update replaces files needed to run pf. So at this point, upgrading and updating with this fix, you most likely will lose pf, and who knows when for the rest. I really hope they fix this because I just gained know-how in upgrading, updating and a lot more (thanks to this forum and the handbook). I was an 8.2 die-hard trusting PcBSD to handle all technical aspects up until just months ago.
 
It really looks like the modules and the kernel are diverging on your machine, or that there is a version mismatch somewhere. Because, when a module is built, the symbol should be available. Did you, by any chance, not install the kernel after some update to the source tree but then installed some modules built from that? This happened to me once. The hunting is funny then...
 
Hi Crivens, I think you're on to something. Some facts are needed here:

I installed FreeBSD-10.1 using the CD January 3 of this year. I dumped it because the FreeBSD online port system would not install GNOME-2, but forced GNOME-3 to install. I quit, then I included my fully packed distfiles, but all I got was errors. Since June of last year my FreeBSD 10.0 has never been connected to the INTERNET other than for freebsd-update, portsnap and svn. I have never built world or created a custom kernel for it. So I know that my system is pollution-free and has never been hosed. It took until January 14, three weeks ago, to be convinced to upgrade to FreeBSD 10.1 by way of freebsd-update and everything worked, including GNOME-2 (strange, right?).
Did you, by any chance, not install the kernel after some update to the source tree but then installed some modules built from that?
Crivens: Back in June when I first installed FreeBSD 10.0 from CD I did a freebsd-update, portsnap, and I got the src from svn. I was using an online how-to that I found. I posted a question for a problem that I thought I had and wblock@ replied something like *metadata is different and larger with Subversion*. In another thread he said something like *don’t mix svn src with portsnap updates; get them both from one place or the other*. So this explains, after all these months of reading, posting and experimenting, why things work for me and not for others and vice-versa, like now. No wonder no one knew what I was talking about. But still, no little ghost is going to scare me out of this system, and if I ever upgrade again, it will be based on what a newer version of FreeBSD does inside Virtualbox now that I have better insight. What I have now runs better than XP, Win-8, and PC-BSD.

Thanks Crivens and kjpetrie.
 