The creators of the FreeBSD operating system have released updates meant to resolve a vulnerability within the ping module. The vulnerability, identified as CVE-2022-23093, could be exploited to crash the program or trigger remote code execution, and affects all supported versions of FreeBSD.
Last week, an advisory was published, explaining the issue in further detail:
"ping reads raw IP packets from the network to process responses in the pr_pack() function. […] The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet."
As a result, the destination buffer could overflow by up to 40 bytes when IP option headers are present. Further, the FreeBSD Project noted that the ping process runs in a sandbox and is therefore constrained when interacting with other parts of the operating system.
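The header handling the advisory describes can be done safely by deriving the real IP header length from the IHL field, bounds-checking it, and copying only fixed-size headers. The following is an added example, not FreeBSD's code or its patch; the struct, function names and sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IP_MIN_HLEN 20  /* fixed IPv4 header; IHL allows up to 60, i.e. 40 bytes of options */
#define ICMP_HLEN    8  /* ICMP header: type, code, checksum, id, sequence */

struct reply { uint8_t ip[IP_MIN_HLEN]; uint8_t icmp[ICMP_HLEN]; size_t optlen; };

/* Validated IPv4 header length in bytes (20..60), or 0 if malformed or truncated. */
size_t ip_header_len(const uint8_t *pkt, size_t len)
{
    if (len < IP_MIN_HLEN || (pkt[0] >> 4) != 4)
        return 0;
    size_t hlen = (size_t)(pkt[0] & 0x0f) * 4;   /* IHL counts 32-bit words */
    return (hlen >= IP_MIN_HLEN && hlen <= len) ? hlen : 0;
}

/* Copy fixed-size headers only; options are skipped, never copied. 0 = ok, -1 = reject. */
int parse_reply(const uint8_t *pkt, size_t len, struct reply *out)
{
    size_t hlen = ip_header_len(pkt, len);
    if (hlen == 0 || len - hlen < ICMP_HLEN)
        return -1;
    memcpy(out->ip, pkt, IP_MIN_HLEN);           /* not hlen: destination holds 20 bytes */
    memcpy(out->icmp, pkt + hlen, ICMP_HLEN);    /* ICMP header starts after the options */
    out->optlen = hlen - IP_MIN_HLEN;
    return 0;
}

/* Build a constructed packet of `total` bytes with IHL = ihl_words and an echo reply
 * (type 0) after the IP header, parse it; return the option length or -1 if rejected. */
long sample_optlen(unsigned ihl_words, size_t total)
{
    uint8_t buf[128];
    struct reply r;
    if (total > sizeof buf)
        return -1;
    memset(buf, 0xAA, sizeof buf);
    buf[0] = (uint8_t)(0x40 | (ihl_words & 0x0f));
    buf[(ihl_words & 0x0f) * 4] = 0;             /* ICMP type: echo reply */
    if (parse_reply(buf, total, &r) != 0 || r.icmp[0] != 0)
        return -1;
    return (long)r.optlen;
}

int main(void)
{
    printf("%ld %ld %ld\n", sample_optlen(5, 28), sample_optlen(15, 68), sample_optlen(15, 28));
    return 0;
}
```

The same parse_reply() check applies to the quoted packet carried inside an ICMP error message, which begins with its own IP header and may carry its own options.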
Additionally, the OPNsense software, which is based on FreeBSD, has been patched to resolve the security vulnerability, among other issues.
Researchers from Qualys recently discovered another vulnerability in the snap-confine program of the Linux operating system. This builds upon a previous privilege escalation flaw (CVE-2021-44731) that was observed back in February 2022.
Snap packages are self-contained applications that can be distributed by upstream developers to their users. The new CVE-2022-3328 vulnerability, introduced as part of a patch for CVE-2021-44731, can be chained with two other flaws in multipathd to gain root privileges. Called Leeloo Multipath, this