On Wed, Oct 31, 2018 at 04:17:36PM +0530, syed khalid
wrote:> Hello All,
>
> There is kernel RCE caused by a buffer overflow in Apple ICMP's
> packet-handling code. The PoC is not available but the bug details are
> mentioned here in https://lgtm.com/blog/apple_xnu_icmp_error_CVE-2018-4407.
> Will this vulnerability affects FreeBSD? Please let me know your thoughts
I've exchanged a couple of emails with the researchers and they have
confirmed the PoC they wrote for MacOS doesn't work on FreeBSD. Further
code analysis looks like we have some bounds checking in place that
probably didn't exist in the MacOS code. All that said, I've asked a
couple of networking stack folks to take a look at it further. I'll
report if anything changes with that assessment.
Regards,
Gordon Tetlow
FreeBSD Security Officer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 618 bytes
Desc: not available
URL:
<http://lists.freebsd.org/pipermail/freebsd-security/attachments/20181101/0e1708bf/attachment.sig>