Quick fix of FreeBSD rtld vulnerability

freebsd logo.thumbnailYesterday really serious security bug was found in FreeBSD (from 7.1 to 8.0). Using public exploit local user can gain root privileges on vulnerable system. Below is an easy way solution to fix this terrible bug:

% cd /usr/src/libexec/rtld-elf/
% fetch http://people.freebsd.org/~cperciva/rtld.patch
% cat rtld.patch | patch -p1
% make && make install && make clean

Thanks to soko1 from truebsd.org.

SHARE:
nv-author-image

Stefan Durand

My name is Stefan, I'm the admin of LinuxScrew. I am a full-time Linux/Unix sysadmin, a hobby Python programmer, and a part-time blogger. I post useful guides, tips, and tutorials on common Linux and Programming issues. Feel free to reach out in the comment section.

1 thought on “Quick fix of FreeBSD rtld vulnerability”

  1. this patch is entended to work on freebsd 7.1 ?

    Here’s my output:

    Hmm… Looks like a unified diff to me…
    The text leading up to this was:
    ————————–
    |Index: rtld.c
    |===================================================================
    |— rtld.c (revision 199977)
    |+++ rtld.c (working copy)
    ————————–
    Patching file rtld.c using Plan A…
    Hunk #1 failed at 366.
    1 out of 1 hunks failed–saving rejects to rtld.c.rej
    done

    I’ve looked in the rtld.c and the line 366 don’t match.. is there another version ?

Leave a Reply

Your email address will not be published. Required fields are marked *