Rick Chisholm

FreeBSD Stackclash

Discussion created by Rick Chisholm on Dec 7, 2018
Latest reply on Dec 7, 2018 by derekv

QID 370433 is detected on all my BSD hosts, all of which are 11.2-RELEASE-p4 or later. I have downloaded all the PoC code from ExploitDB and tested it against these hosts and have seen no evidence of privilege escalation. Even the threat description seems off:

THREAT:It was detected that FreeBSD kernel/ glibc components are prone to a elevation of privilege vulnerability.

FreeBSD does not have glibc - glibc is a linux library.

 

If I follow the BugTrack links from the detection info none of those links refer back to BSD - only linux and solaris.

 

I think this QID might require review / QA as it pertains to BSD.

Outcomes