FreeBSD-SA-18:12.elf Security Advisory
The FreeBSD Project
Topic: Improper ELF header parsing
Credits: Thomas Barabosch, Fraunhofer FKIE; Mark Johnston
Affects: All supported versions of FreeBSD.
Corrected: 2018-09-12 05:02:11 UTC (stable/11, 11.1-STABLE)
2018-09-12 05:07:35 UTC (releng/11.2, 11.2-RELEASE-p3)
2018-09-12 05:07:35 UTC (releng/11.1, 11.1-RELEASE-p14)
2018-09-12 05:03:30 UTC (stable/10, 10.4-STABLE)
2018-09-12 05:07:35 UTC (releng/10.4, 10.4-RELEASE-p12)
CVE Name: CVE-2018-6924
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
To execute a binary the kernel must parse the ELF header to determine the
entry point address, the program interpreter, and other parameters.
II. Problem Description
Insufficient validation was performed in the ELF header parser, and malformed
or otherwise invalid ELF binaries were not rejected as they should be.
Execution of a malicious ELF binary may result in a kernel crash or may
disclose kernel memory.
No workaround is available.
Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date, and
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility: