Описание
The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs.
Ссылки
- Broken LinkVendor Advisory
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Broken LinkVendor Advisory
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
EPSS
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x ...
The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs.
EPSS
7.8 High
CVSS3
7.2 High
CVSS2