FreeBSD-EN-20:01.ssp : SSP Canary Initialization
Versions Affected : All versions prior to FreeNAS 11.3-U1
Description
When a binary is statically linked, constructor invocation order is based on priority and sorted arbitrarily within a priority level across all constructors present in the single statically linked object.
The stack canary guard constructor had no priority, so statically linked binaries could not predictably order their own constructors to avoid bad interactions with the stack canary constructor. In some rare cases this led to false-positive detection of a stack overflow condition and an erroneous process abort. Dynamically linked binaries are generally not affected, since the stack canary is initialized in libc and libc is ordered very early in constructor invocation.
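The ordering rule described above can be observed with GCC/Clang constructor priorities. The following is an added illustration, not FreeBSD or FreeNAS code: `demo_guard` is a simulated canary (not libc's real guard symbol), and every function name and the priority values 200 and 300 are assumptions chosen for the demo. It shows that a guard-setup constructor with an explicit priority runs before both later-priority and unprioritized constructors in the same link unit.

```c
#include <stdio.h>

/* Simulated canary; stands in for the libc guard, NOT the real symbol. */
static unsigned long demo_guard;      /* 0 means "not initialized yet" */
static int order[3];                  /* constructor ids, in run order */
static int n_run;
static int saw_guard[3];              /* per id: was the guard set on entry? */

enum { CTOR_GUARD = 0, CTOR_UNPRIO = 1, CTOR_LATE = 2 };

static void record(int id)
{
    saw_guard[id] = (demo_guard != 0);
    order[n_run++] = id;
}

/* Application constructor with no priority, defined first in the file.
 * Its position relative to other unprioritized constructors is not
 * something the program can rely on. */
__attribute__((constructor)) static void app_ctor_unprioritized(void)
{
    record(CTOR_UNPRIO);
}

/* Guard setup with an explicit priority. Lower numbers run earlier;
 * 0-100 are reserved for the implementation. 200 is a demo value. */
__attribute__((constructor(200))) static void demo_guard_setup(void)
{
    record(CTOR_GUARD);
    demo_guard = 0x5eedc0deUL;        /* constructed constant, not random */
}

/* Application constructor that explicitly orders itself after the guard. */
__attribute__((constructor(300))) static void app_ctor_late(void)
{
    record(CTOR_LATE);
}

int guard_ran_first(void)   { return n_run == 3 && order[0] == CTOR_GUARD; }
int ctor_saw_guard(int id)  { return saw_guard[id]; }

int main(void)
{
    printf("guard first: %d, unprioritized saw guard: %d, late saw guard: %d\n",
           guard_ran_first(), ctor_saw_guard(CTOR_UNPRIO), ctor_saw_guard(CTOR_LATE));
    return 0;
}
```

If the priority is removed from `demo_guard_setup`, its position relative to `app_ctor_unprioritized` is no longer something the program controls, which is the situation the description refers to.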
Workaround
No workaround is available, but dynamically linked binaries are not affected.
Mitigation
- Upgrade to FreeNAS 11.3-U1 or later