Описание
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:bsd:bsd:*:*:*:*:*:*:*:*
cpe:2.3:o:bsd:bsd:4.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00081
Низкий
2.1 Low
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
около 3 лет назад
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
EPSS
Процентиль: 25%
0.00081
Низкий
2.1 Low
CVSS2
Дефекты
CWE-255