Vulnerabilities > CVE-2001-1047 - Denial Of Service vulnerability in OpenBSD Dup2 VFS Race Condition

CVSS 1.2 - LOW

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

high complexity

openbsd

NVD

Published: 2001-06-02

Updated: 2017-12-19

Summary

Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd 2.6 Openbsd Openbsd 2.7 Openbsd Openbsd 2.8 Openbsd Openbsd 2.9	4

References

http://seclists.org/bugtraq/2001/Jun/0020.html
http://www.securityfocus.com/bid/2817
http://www.securityfocus.com/bid/2818
https://exchange.xforce.ibmcloud.com/vulnerabilities/6660
https://exchange.xforce.ibmcloud.com/vulnerabilities/6661