Heimdal
article featured image

Contents:

The creators of the FreeBSD operating system have released updates meant to resolve a vulnerability within the ping module. The vulnerability, identified as CVE-2022-23093, could be exploited to crash the program or trigger remote code execution, and affects all supported versions of FreeBSD.

Last week, an advisory was published, explaining the issue in further detail.

ping reads raw IP packets from the network to process responses in the pr_pack() function. […] The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet.

Source

As a result, the buffer could overflow by up to 40 bytes when the header is present. Further, the FreeBSD Project noted that the ping process runs in a sandbox and is therefore constrained when interacting with other parts of the operating system.

Additionally, the OPNsense software, which is based on FreeBSD, has been patched to resolve the security vulnerability, among other issues.

Other Vulnerabilities

Researchers from Qualys recently discovered another vulnerability in the snap-confine program of the Linux operating system. This builds upon a previous privilege escalation flaw (CVE-2021-44731) that was observed back in February 2022.

Snap packages are self-contained applications that can be distributed by upstream developers to their users. The new CVE-2022-3328 vulnerability, introduced as part of a patch for CVE-2021-44731, can be chained with two other flaws in multipathd  to gain root privileges. Called Leeloo Multipath, this vulnerability is an authorization bypass and a symlink attack that share CVEs 2022-41974 and 2022-41973 respectively.

Multipathd runs as root by default, and a successful attack would grant an unprivileged threat actor the highest level of permissions, allowing them to execute arbitrary code.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Mihaela Popa

COMMUNICATIONS & PR OFFICER

Mihaela is a digital content creator for Heimdal® and the proud owner of an old soul and a curious mind. Passionate to learn and discover more about cybersecurity, she will gladly share her latest finds with you.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE