TCP bug in FreeBSD causes crashes, memory leaks


A vulnerability that recently surfaced in FreeBSD puts users at risk of crashes, memory leaks and denial-of-service attacks.
FreeBSD has issued an advisory about the situation and offered a workaround to mitigate the problem. It said that there is a definite risk of exploitation, and warned users to look out for "carefully crafted attacks" on sockets.
"An attacker who can send a series of specifically crafted packets with a connection could cause a denial of service situation by causing the kernel to crash," it said.
"Additionally, because the undefined on stack memory may be overwritten by other kernel threads, while extremely difficult, it may be possible for an attacker to construct a carefully crafted attack to obtain portion of kernel memory via a connected socket. This may result in the disclosure of sensitive information such as login credentials, etc. before or even without crashing the system."
A workaround is suggested and a patch is available. Instructions for applying it are in the advisory. "It is possible to defend against these attacks by doing traffic normalisation using a firewall," said FreeBSD of its workaround.
The issue has raised comparisons with the Heartbleed OpenSSL bug and there are questions about whether the FreeBSD bug is worse than the information suggests. Users and commenters on Twitter are advising that patches should be installed as soon as possible, which is always good advice.
Heartbleed made much more of an immediate impact, and that vulnerability in OpenSSL led to a series of announcements, denials and dismissals from websites, software vendors and government agencies.