A critical vulnerability in the FreeBSD operating system’s ping module allows attackers to execute arbitrary code and take over the system remotely. The developers of the operating system recently released security updates. The flaw has been assigned CVE-2022-23093.
It is a stack-based buffer overflow vulnerability in FreeBSD’s ping service that affects all supported versions of the FreeBSD operating system.
Ping is a program that can be used to test the reachability of a remote host using ICMP messages. To send and receive ICMP messages, ping makes use of raw sockets and therefore requires elevated privileges.
“The memory safety bugs triggered by a remote host, causing the ping program to crash. It may be possible for a malicious host to trigger remote code execution in ping.” the FreeBSD advisory reported.
CVE Name: CVE-2022-23093
Module: ping
Announced: 2022-11-29
Credits: Tom Jones
Affects: All supported versions of FreeBSD.
Ping Vulnerability Impact
Ping reads raw IP packets from the network and processes the responses in the pr_pack() function. To facilitate further processing of the IP and ICMP headers, pr_pack() copies the received data into stack buffers.
In doing so, it does not take into account that IP option headers may follow the IP header in either the response or the quoted packet.
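The length handling described above, as an added example that is not FreeBSD's pr_pack() code: the header copy is sized from the validated IHL field of both the reply and the quoted packet, so option bytes can never exceed the destination. The names ip_hdr_len, quoted_icmp_offset and demo are hypothetical, and the sample packets are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IP_MIN_HLEN 20 /* IPv4 header without options */
#define IP_MAX_HLEN 60 /* IHL is 4 bits, so at most 15 * 4 bytes */
#define ICMP_HLEN    8 /* fixed part of the ICMP header */

/* Hypothetical helper: IPv4 header length from the IHL field, validated
 * against the bytes actually received. Returns -1 if malformed. */
static int ip_hdr_len(const uint8_t *p, size_t len)
{
    if (len < IP_MIN_HLEN || (p[0] >> 4) != 4)
        return -1;
    size_t hlen = (size_t)(p[0] & 0x0f) * 4;
    return (hlen < IP_MIN_HLEN || hlen > len) ? -1 : (int)hlen;
}

/* Copy the outer IP header, options included, into a buffer sized for the
 * largest legal header, then locate the ICMP header quoted inside an ICMP
 * error reply. Returns its offset, or -1 if the packet must be dropped. */
int quoted_icmp_offset(const uint8_t *pkt, size_t len, uint8_t hdr[IP_MAX_HLEN])
{
    int outer = ip_hdr_len(pkt, len);
    if (outer < 0 || len - (size_t)outer < ICMP_HLEN)
        return -1;
    memcpy(hdr, pkt, (size_t)outer);          /* outer <= IP_MAX_HLEN */
    size_t qoff = (size_t)outer + ICMP_HLEN;  /* start of quoted IP header */
    int inner = ip_hdr_len(pkt + qoff, len - qoff);
    if (inner < 0 || len - qoff - (size_t)inner < ICMP_HLEN)
        return -1;
    return (int)(qoff + (size_t)inner);
}

/* Constructed sample: an ICMP error reply with the given outer and quoted
 * IHL values, with `cut` bytes trimmed from the end. */
int demo(unsigned outer_ihl, unsigned inner_ihl, size_t cut)
{
    uint8_t pkt[2 * IP_MAX_HLEN + 2 * ICMP_HLEN] = {0}, hdr[IP_MAX_HLEN];
    size_t qoff = outer_ihl * 4 + ICMP_HLEN;
    pkt[0] = (uint8_t)(0x40 | outer_ihl);
    pkt[qoff] = (uint8_t)(0x40 | inner_ihl);
    return quoted_icmp_offset(pkt, qoff + inner_ihl * 4 + ICMP_HLEN - cut, hdr);
}

int main(void) { return demo(5, 5, 0) == 48 ? 0 : 1; }
```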
If IP option headers are present, the destination buffer can be overflowed by as much as