Remote code execution bug in FreeBSD's ping (CVE-2022-23093)

• Previous message (by thread): Fwd: Alternative Re: ipv4/25s and above Re: 202212010732.AYC Re: 202211220729.AYC
• Next message (by thread): Sites blocking ISP Addresses
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ooof.

https://www.freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc

Some hope here: "The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrainted in how it can interact with the rest of the system at the point where the bug can occur."

Lots of other things are based on FreeBSD and may be affected, including firewalls like pfsense and OPNsense and possibly Junos. At the least I expect host discovery is ramping up by now.

• Previous message (by thread): Fwd: Alternative Re: ipv4/25s and above Re: 202212010732.AYC Re: 202211220729.AYC
• Next message (by thread): Sites blocking ISP Addresses
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]