IPv6 packets may be fragmented in order to accommodate the maximum transmission unit (MTU) of the network path between the source and destination hosts. The FreeBSD kernel keeps track of received packet fragments and will reassemble the original packet once all fragments have been received, at which point the packet is processed normally. Each fragment of an IPv6 packet contains a fragment header which specifies the offset of the fragment relative to the original packet, and each fragment specifies its length in the IPv6 header. When reassembling the packet, the kernel calculates the complete IPv6 payload length. The payload length must fit into a 16-bit field in the IPv6 header. Due to a bug in the kernel, a set of carefully crafted packets can trigger an integer overflow in the calculation of the reassembled packet's payload length field. Once an IPv6 packet has been reassembled, the kernel continues processing its contents. It does so assuming that the fragmentation layer has validated all fields of the constructed IPv6 header. This bug violates such assumptions and can be exploited to trigger a remote kernel panic, resulting in a denial of service.
Experience migrating a client’s VMs from Proxmox to FreeBSD, using bhyve and ZFS.
Debunking Common Myths About FreeBSD - Part 2, FreeBSD 13.4-RELEASE Announcement, OpenBSD -current has moved to version 7.6, acpidumping,Install snac2 on FreeBSD – An ActivityPub Instance for the Fediverse, Managing dotfiles with chezmoi, Podman testing on FreeBSD, and more.
A well-maintained open source FreeBSD NAS can run flawlessly for years, but like any appliance, it requires routine care to ensure longevity and performance. Just as regular oil changes are essential for your car, proactive maintenance on your NAS—such as checking storage health and performing system updates—can prevent long-term issues.
The LibreSSL project, a closely associated subproject of the OpenBSD project, has announced the availability of their new stable release, LibreSSL 4.0.0, which comes with a number of improvements and a sprinkling of fixes.
The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX/BSD/Linux systems.
Errata patches for unbound and unwind have been released for OpenBSD 7.6 and 7.5. Binary updates for the amd64, arm64 and i386 platform are available via the syspatch utility.
This is the first test version for 7.6 i386 and 7.6 amd64 for this OpenBSD-based Live System.
MidnightBSD - A free Unix, desktop-oriented operating system originally forked from FreeBSD 6.1, and periodically updated with code and drivers from later FreeBSD releases. The tagline is "The BSD for everyone" - a noble aim, but often falls short. Let's have another go, and see if this OS is a BSD for everyone.
Jason is still on location at EuroBSDcon getting interviews with those in the BSD Community.
November 7-8, 2024, at NetApp’s San Jose campus and the program will include:
OpenZFS 2.2 was a milestone release that brought several long-anticipated features to everyone’s favorite filesystem. Article is talking about automatically deduplicated copy operations via the new Block Reference Table feature, also known as the BRT or File Cloning.