diff options
Diffstat (limited to 'security/vuxml')
-rw-r--r-- | security/vuxml/vuln.xml | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 7d18ca8bcebe..36d9bf4e9ea4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -35,6 +35,46 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="90d2e58f-b25a-11de-8c83-02e0185f8d72"> + <topic>FreeBSD -- kqueue pipe race conditions</topic> + <affects> + <system> + <name>FreeBSD</name> + <range><gt>6.3</gt><lt>6.4_7</lt></range> + <range><gt>6.4</gt><lt>6.3_13</lt></range> + </system> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description</h1> + <p>A race condition exists in the pipe close() code relating + to kqueues, causing use-after-free for kernel memory, which + may lead to an exploitable NULL pointer vulnerability in the + kernel, kernel memory corruption, and other unpredictable + results.</p> + <h1>Impact:</h1> + <p>Successful exploitation of the race condition can lead to + local kernel privilege escalation, kernel data corruption + and/or crash.</p> + <p>To exploit this vulnerability, an attacker must be able to + run code on the target system.</p> + <h1>Workaround</h1> + <p>An errata notice, FreeBSD-EN-09:05.null has been released + simultaneously to this advisory, and contains a kernel patch + implementing a workaround for a more broad class of + vulnerabilities. However, prior to those changes, no + workaround is available.</p> + </body> + </description> + <references> + <freebsdsa>SA-09:13.pipe</freebsdsa> + </references> + <dates> + <discovery>2009-10-02</discovery> + <entry>2009-10-06</entry> + </dates> + </vuln> + <vuln vid="beb6f4a8-add5-11de-8b55-0030843d3802"> <topic>mybb -- multiple vulnerabilities</topic> <affects> |