FreeBSD Errata Notice FreeBSD-EN-16:08.zfs
4 May, 2016 by errata-notices@freebsd.org | freebsd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-16:08.zfs Errata Notice The FreeBSD Project Topic: Memory leak in ZFS Category: contrib Module: zfs Announced: 2016-05-04 Credits: Eric Borisch Affects: All supported versions of FreeBSD. Corrected: 2016-03-18 13:32:00 UTC (stable/10, 10.3-STABLE) 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2) 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16) 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33) 2016-03-18 13:32:37 UTC (stable/9, 9.3-STABLE) 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. I. Background ZFS is one of several filesystems available on FreeBSD. ZFS supports many advanced features, including snapshots, which provides a frozen read-only image of file system at a given time. File system snapshots can be accessed under the .zfs/snapshot directory in the root of the file system. II. Problem Description There is a memory leak in the error path when mounting a snapshot via the automatic .zfs/snapshot directory, which can be triggered when the snapshot was once mounted, but later deleted by the system administrator. III. Impact A local user may be able to trigger the memory leak multiple times and eventually exhaust kernel memory, if the user knows a snapshot and access it before the system administrator deletes it. IV. Workaround No workaround is available, but systems that do not use ZFS snapshots are not affected. V. Solution Perform one of the following: 1) Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Reboot is required. 2) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install Reboot is required. 3) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-16:08/zfs.patch # fetch https://security.FreeBSD.org/patches/EN-16:08/zfs.patch.asc # gpg --verify zfs.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in <URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/9/ r297022 releng/9.3/ r299068 stable/10/ r297021 releng/10.1/ r299068 releng/10.2/ r299067 releng/10.3/ r299066 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. References The latest revision of this advisory is available at <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-16:08.zfs.asc> -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXKk4dAAoJEO1n7NZdz2rnscQQAODmJLkUgi8YgTP32IuWyz+N mX/g5HNKGWP7COTzsoIFrGZ1l+BqWwqcX9cSR1K3fFOYSDPPgug3qMHdfg63RIsm G9sJRQ/XdsUC6436UYGe3ElZyqKUjrKSPW2pA95AYVWMiJTJwly+Vd6UqDadLKmA HyebF2uh5HR7JpkTyw9lT6uN4FHTIF6NfKruap3m+NNCMw64w4bILwOLuylvxT+0 fiPJRlZ5X+I9lRM7QqO8m/S4AYAHeFAu/GG8GDPR2kO6ZuW2iuIQg04tfv8JmHgG 4074OkCo7etJ6qq59EC1Y7k6TpuNDuiTNtTpn5DnOWVCaduZnGxZo0FhKhZg7b0K D4uJkXF8aSTi4Y9rp4ynEP+d1NJD7B5dLnI5R3P3EGuGKhigymI0QlT+iDy/UGLT rG1Hx9Tsq1CsrpUe6/Go6Daqt4VxW/WYtOULDZBoVaIhhKk5H4gV1Yj66MUAsPhZ Fe+hMnehYdCcKlSYrlCaF6MTosAafhzyTgxDKehgc0K1RPxHXOME98NF76erU1Vx 62P7sdq3JrYFNg+9TUkyjaYnhc5XrHtShzCJxcMKm0NMNm7nWfyYYVwvBYpflSUI AE1VGcgAAlnH/yLnJPJL1BY6hfjsA2wPO+vituxOGDKCvSuUdWCV1baAW9ySmG4K Pgle9/Qvg/BNvtVL3dvv =PzFd -----END PGP SIGNATURE----- _______________________________________________ freebsd-announce@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-announce To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"