mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-20 20:09:11 +00:00
Add FreeBSD-SA-09:14.devfs to the VuXML list.
Hat: secteam Facilitated by: Snow B.V.
This commit is contained in:
parent
4f38af8a8b
commit
1d149407a0
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=242510
@ -35,6 +35,45 @@ Note: Please add new entries to the beginning of this file.
|
||||
-->
|
||||
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="50383bde-b25b-11de-8c83-02e0185f8d72">
|
||||
<topic>FreeBSD -- Devfs / VFS NULL pointer race condition</topic>
|
||||
<affects>
|
||||
<system>
|
||||
<name>FreeBSD</name>
|
||||
<range><gt>6.3</gt><lt>6.3_13</lt></range>
|
||||
<range><gt>6.4</gt><lt>6.4_7</lt></range>
|
||||
<range><gt>7.1</gt><lt>7.1_8</lt></range>
|
||||
<range><gt>7.2</gt><lt>7.2_4</lt></range>
|
||||
</system>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<h1>Problem Description:</h1>
|
||||
<p>Due to the interaction between devfs and VFS, a race condition
|
||||
exists where the kernel might dereference a NULL pointer.</p>
|
||||
<h1>Impact:</h1>
|
||||
<p>Successful exploitation of the race condition can lead to local
|
||||
kernel privilege escalation, kernel data corruption and/or
|
||||
crash.</p>
|
||||
<p>To exploit this vulnerability, an attacker must be able to run
|
||||
code with user privileges on the target system.</p>
|
||||
<h1>Workaround:</h1>
|
||||
<p>An errata note, FreeBSD-EN-09:05.null has been released
|
||||
simultaneously to this advisory, and contains a kernel patch
|
||||
implementing a workaround for a more broad class of
|
||||
vulnerabilities. However, prior to those changes, no workaround
|
||||
is available.</p>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<freebsdsa>SA-09:14.devfs</freebsdsa>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2009-10-02</discovery>
|
||||
<entry>2009-10-06</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="90d2e58f-b25a-11de-8c83-02e0185f8d72">
|
||||
<topic>FreeBSD -- kqueue pipe race conditions</topic>
|
||||
<affects>
|
||||
|
Loading…
Reference in New Issue
Block a user