NetBSD 9.2: More stable, more efficient and with closed security holes


The new version 9.2 “Nakatomi Socrates” of NetBSD was released this week. Although the release notes indicate May 12th, 2021 as the release date, the new operating system was not available for download until Monday. The latest update to NetBSD 9 features bug fixes and improved stability. In addition, some improvements from the development branch have been incorporated as backports in 9.2.

Since the new release eliminates some serious bugs and closes security gaps, the update is definitely recommended for everyone who uses NetBSD 9.0 or the latest version 9.1.

Various fixes have made the ZFS file system much more stable in the new release of NetBSD. In addition, the developers were able to fix a serious bug in the interaction with NFS.

If a file system provided by ZFS was shared via NFS, clients could crash the server. It was enough for a client to attempt to create a directory on the NFS share. The server responded to this with either a reset or a panic. This fatal error has been fixed in 9.2. More details can be found in problem report #55042.

In NetBSD 9.2, the system call fread() has optimized buffer handling for unbuffered input/output (I/O). This sounds like a contradiction at first, but it is not: the “unbuffered” I/O refers to the type of access to the corresponding device. The data nevertheless ends up in a buffer on the application side.

For example, a program defines a buffer buf with 2000 bytes. Then it reads from an unbuffered device dev with fread(buf,1,2000,dev). This instruction, “read 2000 objects with a size of 1 byte”, leads to 2000 individual read operations. This is highly inefficient and can massively reduce speed.

As the associated problem report #55808 describes, the sister system OpenBSD had already fixed the problem earlier. This fix from OpenBSD was the inspiration for optimizing fread() in NetBSD 9.2.

In the new version, the above scenario means that the system call interprets the buffer size correctly internally and combines individual operations into a single operation. In relation to the example above, NetBSD 9.2, unlike its predecessors, reads 2000 bytes in a single read operation.
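The difference in read operations can be reproduced with a toy model (an added example, not code from the article or from NetBSD's libc). The names toy_stream, toy_fread and count_reads are hypothetical, and a pipe filled with constructed bytes stands in for the unbuffered device dev.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Toy stand-in for an unbuffered stdio stream (hypothetical type):
 * a descriptor plus a count of the read(2) calls issued on it. */
struct toy_stream { int fd; unsigned long reads; };

/* per_byte = 1: old behaviour described above, one read(2) per byte.
 * per_byte = 0: 9.2 behaviour, read straight into the caller's buffer. */
static size_t toy_fread(void *dst, size_t size, size_t n,
                        struct toy_stream *s, int per_byte)
{
    unsigned char *p = dst;
    size_t want = size * n, got = 0;

    while (got < want) {
        size_t ask = per_byte ? 1 : want - got;
        ssize_t r = read(s->fd, p + got, ask);
        s->reads++;
        if (r <= 0)
            break;                 /* EOF or error: short item count */
        got += (size_t)r;
    }
    return size ? got / size : 0;
}

/* Push 2000 constructed bytes through a pipe and read them back with
 * fread(buf,1,2000,dev) semantics. Returns the number of read(2)
 * calls used, or 0 if setup or the data check failed. */
unsigned long count_reads(int per_byte)
{
    unsigned char src[2000], buf[2000];
    struct toy_stream s = { -1, 0 };
    int fds[2];
    size_t n = 0;

    memset(src, 0xA5, sizeof src);
    if (pipe(fds) != 0)
        return 0;
    s.fd = fds[0];
    if (write(fds[1], src, sizeof src) == (ssize_t)sizeof src)
        n = toy_fread(buf, 1, sizeof buf, &s, per_byte);
    close(fds[0]);
    close(fds[1]);
    return (n == sizeof buf && memcmp(src, buf, sizeof buf) == 0) ? s.reads : 0;
}

int main(void)
{
    printf("per-byte: %lu reads, direct: %lu reads\n",
           count_reads(1), count_reads(0));
    return 0;
}
```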

So far, NetBSD has not generated random fragment IDs for IP packets by default, which allows conclusions to be drawn about the original IDs and enables attacks (predictable ID disclosure). Systems can counter this problem by generating IDs at random. NetBSD also allows this by switching on ID randomization. However, the algorithms used so far turned out to be too weak: despite the activated randomization, it was possible to reveal the original IDs. IPv4 is affected as well as IPv6. More details can be found in Security Advisory 2021-001.

NetBSD 9.2 addresses this problem in two ways: The algorithms have undergone a major overhaul and are now stronger. In addition, ID randomization is active by default.
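One way to check, from a capture of your own host's traffic, whether its IPv4 IDs still follow a counter (an added example, not NetBSD code). The function classify_ipids, the enum names and the max_step threshold are assumptions, the sample ID lists are constructed, and only the 16-bit IPv4 field is covered.

```c
#include <stdint.h>
#include <stdio.h>

enum ipid_class { IPID_TOO_FEW, IPID_CONSTANT, IPID_INCREMENTAL, IPID_SCATTERED };

/* Constructed sample values, not taken from real traffic. */
const uint16_t sample_counter[]   = { 65530, 65531, 65533, 65534, 0, 1, 3 };
const uint16_t sample_scattered[] = { 0x3a1c, 0xe802, 0x17b5, 0x9c40, 0x52f7, 0xc90e };
const uint16_t sample_zero[]      = { 0, 0, 0, 0, 0 };

/* Classify the IPv4 Identification values of consecutive packets sent
 * by one host. A counter-based stack shows small positive steps modulo
 * 2^16; max_step is the largest step still treated as "counter-like"
 * (assumed threshold, tune it to the traffic rate of the host). */
enum ipid_class classify_ipids(const uint16_t *ids, size_t n, uint16_t max_step)
{
    size_t small = 0, same = 0;

    if (n < 4)
        return IPID_TOO_FEW;
    for (size_t i = 1; i < n; i++) {
        /* The cast makes the difference wrap at 65536, like the field. */
        uint16_t d = (uint16_t)(ids[i] - ids[i - 1]);
        if (d == 0)
            same++;
        else if (d <= max_step)
            small++;
    }
    if (same == n - 1)
        return IPID_CONSTANT;          /* e.g. ID always 0 */
    /* At least 90% of the steps are zero or small: looks like a counter. */
    if ((small + same) * 10 >= (n - 1) * 9)
        return IPID_INCREMENTAL;
    return IPID_SCATTERED;
}

int main(void)
{
    static const char *name[] = { "too few", "constant", "incremental", "scattered" };

    printf("counter:   %s\n", name[classify_ipids(sample_counter, 7, 16)]);
    printf("scattered: %s\n", name[classify_ipids(sample_scattered, 6, 16)]);
    printf("zero:      %s\n", name[classify_ipids(sample_zero, 5, 16)]);
    return 0;
}
```

A "scattered" result only rules out a plain counter. It says nothing about the strength of the generator, which is the weakness the advisory describes.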

The Xen Security Advisory XSA-362 describes a scenario in which a faulty front-end driver can crash the back-end driver used. In this way, a guest system (DomU) can cause the hypervisor (Dom0) and thus the host system to crash in certain situations.

The new NetBSD brings its Xen implementation into line on this point. As a result, the new version removes support for the rx-flip mode in xennet and in xvif. The host system (Dom0) physically receives the data on the network adapter. This data must then be fed to the guest system (DomU) and its virtual network adapter or its driver.

rx-flip hands the virtual memory management pages that contain the received data from the physically receiving Dom0 over to the respective DomU. Instead of copying the data, the pages are simply ‘relabeled’. This requires correct and clean programming on the host (Dom0) and guest (DomU). Otherwise, this favors the crash scenarios from XSA-362.

rx-copy is an alternative operating model in Xen. It copies the received data from Dom0 into the respective DomU. There is no need for time-consuming redeclaration with memory management magic. The relevant drivers in NetBSD have been using rx-copy by default for a long time. In NetBSD 9.2 it is no longer possible to switch to the optional rx-flip.

The new release brings a number of improved drivers. The drivers for Intel network cards deserve special mention. NetBSD 9.2 solves a massive problem in the device driver for Intel network cards of the type i8254x. A bug prevented big-endian systems from receiving network packets via these cards.

Furthermore, drivers for the WLAN adapter TL-WN821N V6 from TP-Link and for the encryption accelerator Allwinner H5 are now on board.

In addition to the vulnerabilities already mentioned, NetBSD 9.2 fixes the vulnerability CVE-2021-3472 in Xorg. It enabled attackers to obtain higher rights locally or at least negatively affect system stability.

NetBSD closes further gaps in freetype, xkb and xterm. OpenSSL is also being updated. Version 1.1.1k is now included, which addresses CVE-2021-3449 and CVE-2021-3450 in particular.

The supplied configuration for the standard window manager ctwm has been improved. Feedback from the users was incorporated in order to improve the usability. The new release also fixes problems with the window focus.

The new NetBSD also improves support for AArch64 (ARM64). ptrace and a fixed clone are included. In addition, it introduces an emulation of instructions that are declared as “deprecated” in ARMv7.

It also improves compatibility with Linux programs by mimicking the behavior of Linux, bugs included. If a program uses longer names than is allowed in the sockaddr_in structure, it reacts in a Linux-specific manner. As usual, there are extensive release notes for NetBSD 9.2.


(tiw)




