aboutsummaryrefslogtreecommitdiff
path: root/security/vuxml
diff options
context:
space:
mode:
Diffstat (limited to 'security/vuxml')
-rw-r--r--security/vuxml/vuln.xml40
1 files changed, 40 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 7d18ca8bcebe..36d9bf4e9ea4 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -35,6 +35,46 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="90d2e58f-b25a-11de-8c83-02e0185f8d72">
+ <topic>FreeBSD -- kqueue pipe race conditions</topic>
+ <affects>
+ <system>
+ <name>FreeBSD</name>
+ <range><gt>6.3</gt><lt>6.4_7</lt></range>
+ <range><gt>6.4</gt><lt>6.3_13</lt></range>
+ </system>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <h1>Problem Description</h1>
+ <p>A race condition exists in the pipe close() code relating
+ to kqueues, causing use-after-free for kernel memory, which
+ may lead to an exploitable NULL pointer vulnerability in the
+ kernel, kernel memory corruption, and other unpredictable
+ results.</p>
+ <h1>Impact:</h1>
+ <p>Successful exploitation of the race condition can lead to
+ local kernel privilege escalation, kernel data corruption
+ and/or crash.</p>
+ <p>To exploit this vulnerability, an attacker must be able to
+ run code on the target system.</p>
+ <h1>Workaround</h1>
+ <p>An errata notice, FreeBSD-EN-09:05.null has been released
+ simultaneously to this advisory, and contains a kernel patch
+ implementing a workaround for a more broad class of
+ vulnerabilities. However, prior to those changes, no
+ workaround is available.</p>
+ </body>
+ </description>
+ <references>
+ <freebsdsa>SA-09:13.pipe</freebsdsa>
+ </references>
+ <dates>
+ <discovery>2009-10-02</discovery>
+ <entry>2009-10-06</entry>
+ </dates>
+ </vuln>
+
<vuln vid="beb6f4a8-add5-11de-8b55-0030843d3802">
<topic>mybb -- multiple vulnerabilities</topic>
<affects>