Vulnerabilities > CVE-2009-3572 - Local Denial of Service vulnerability in Openbsd 4.4/4.5/4.6

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

openbsd

NVD

Published: 2009-10-06

Updated: 2009-10-08

Summary

OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not properly handle XMM exceptions, which allows local users to cause a denial of service (kernel panic) via unspecified vectors. Per: http://marc.info/?l=openbsd-security-announce&m=125474331811594 XMM exceptions are incorrectly handled in the OpenBSD/i386 kernel, resulting in a kernel panic that can be triggered by a local user. This issue has been fixed in -current. Source code patches are available for OpenBSD 4.4, 4.5 and 4.6.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd 4.4 Openbsd Openbsd 4.5 Openbsd Openbsd 4.6	3

References

http://marc.info/?l=openbsd-security-announce&m=125474331811594
http://secunia.com/advisories/36956
http://www.openbsd.org/errata44.html
http://www.openbsd.org/errata45.html
http://www.openbsd.org/errata46.html
http://www.securityfocus.com/bid/36589