Yesterday really serious security bug was found in FreeBSD (from 7.1 to 8.0). Using public exploit local user can gain root privileges on vulnerable system. Below is an easy way solution to fix this terrible bug:

% cd /usr/src/libexec/rtld-elf/
% fetch http://people.freebsd.org/~cperciva/rtld.patch
% cat rtld.patch | patch -p1
% make && make install && make clean

Thanks to soko1 from truebsd.org.

 

10 Comments

 

  1. January 5, 2010  8:16 pm by Arsenick Reply

    this patch is entended to work on freebsd 7.1 ?

    Here's my output:

    Hmm... Looks like a unified diff to me...
    The text leading up to this was:
    --------------------------
    |Index: rtld.c
    |===================================================================
    |--- rtld.c (revision 199977)
    |+++ rtld.c (working copy)
    --------------------------
    Patching file rtld.c using Plan A...
    Hunk #1 failed at 366.
    1 out of 1 hunks failed--saving rejects to rtld.c.rej
    done


    I've looked in the rtld.c and the line 366 don't match.. is there another version ?

  2. January 3, 2011  6:31 pm by Arianna Blamer Reply

    El campo de golf de Matalascañas ha programado para el sábado 15 de enero el primer torneo del año: la octava edición del Cocido de Doñana.

  3. February 9, 2011  10:36 pm by ??????? Reply

    Thanks for taking the time to discuss this, I feel strongly about it and love learning extra on this topic. If doable, as you achieve experience, would you mind updating your weblog with extra data? This can be very useful for me.

  4. May 14, 2011  8:01 am by sertda Reply

    It is rare to discover a professional person in whom you can have some trust. In the world at present, nobody really cares about showing others the answer in this subject matter. How happy I am to have definitely found a wonderful site as this. It's people like you that make a real difference nowadays through the tips they reveal.

  5. May 25, 2011  3:58 pm by Ira Girdley Reply

    Wonderful informativ submit. Thank U for helping facts. Lookin' forward for ur following report. Cheers

  6. February 7, 2012  6:23 pm by best deals on iphone 4s Reply

    Brilliant information out there. I by no means let a 24-hour interval terminate withouth looking for up-to-date critical information through this website

  7. June 22, 2012  3:15 pm by Moises Sardina Reply

    You really make it appear really easy with your presentation however I find this matter to be really something that I feel I might never understand. It kind of feels too complex and extremely huge for me. I am looking forward for your next post, I will try to get the cling of it!

  8. September 17, 2012  7:17 am by icons designs Reply

    You commit an error. Let's discuss it.


    P.S. Please review icons

Leave a reply

 

Your email address will not be published.