Hello,
I recently came across Terry Lambert's Quora response discussing several security concerns in FreeBSD, particularly:
1. VNOP Operations:
- Race conditions in create/rename operations
- Non-atomic directory entry operations
- Thread reentrant issues in UFS/FFS
2. Signal Stack Handling:
- Potential ring 3 to ring 0 transitions
- Signal handler vulnerabilities
3. NFS Mount System:
- Kernel memory write vulnerabilities
- Mount code security issues
4. Credential System:
- ACL implementation issues
- POSIX Saved ID handling problems
- Supplementary group processing concerns
I'd like to know:
1. Are these issues still present in current FreeBSD versions?
2. Is there any CVE or security advisory documentation related to these issues?
3. As a FreeBSD user, should I be concerned about these security issues?
4. Are there any mitigations or workarounds available?
Thank you for any insights or clarification.
I recently came across Terry Lambert's Quora response discussing several security concerns in FreeBSD, particularly:
1. VNOP Operations:
- Race conditions in create/rename operations
- Non-atomic directory entry operations
- Thread reentrant issues in UFS/FFS
2. Signal Stack Handling:
- Potential ring 3 to ring 0 transitions
- Signal handler vulnerabilities
3. NFS Mount System:
- Kernel memory write vulnerabilities
- Mount code security issues
4. Credential System:
- ACL implementation issues
- POSIX Saved ID handling problems
- Supplementary group processing concerns
I'd like to know:
1. Are these issues still present in current FreeBSD versions?
2. Is there any CVE or security advisory documentation related to these issues?
3. As a FreeBSD user, should I be concerned about these security issues?
4. Are there any mitigations or workarounds available?
Thank you for any insights or clarification.