Vulnerabilities > CVE-2016-6350 - NULL Pointer Dereference vulnerability in Openbsd 5.8/5.9
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Common Weakness Enumeration (CWE)
References
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/kern/vfs_subr.c.diff?r1=1.248&r2=1.249
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/kern/vfs_subr.c.diff?r1=1.248&r2=1.249
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/tmpfs/tmpfs_vfsops.c.diff?r1=1.9&r2=1.10
- http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/tmpfs/tmpfs_vfsops.c.diff?r1=1.9&r2=1.10
- http://www.openwall.com/lists/oss-security/2016/07/26/6
- http://www.openwall.com/lists/oss-security/2016/07/26/6
- http://www.openwall.com/lists/oss-security/2016/07/26/8
- http://www.openwall.com/lists/oss-security/2016/07/26/8
- http://www.securityfocus.com/bid/92140
- http://www.securityfocus.com/bid/92140