FreeBSD crushes system-crashing bug
Time to upgrade, Unix-like OS-havers
Sysadmins ought to patch their FreeBSD systems after an irritating bug was found in the kernel.
A programming blunder involving integer signedness can be exploited by a logged-in user to crash a system. With the right parameters, you can trick the kernel into clearing too much of its heap memory with zeros via the sysarch system call, which will eventually lead to a kernel panic.
The bug was discovered by researchers at Core Security, who alerted the FreeBSD team on March 2, and patches were released on March 16. The flaw is present in all supported versions of FreeBSD.
A technical description of the bug and proof-of-concept code to trigger it can be found in an advisory from Core Security here. Other details of the vulnerability from the FreeBSD team are available over here. ®