ID CVE-2001-1047 Type cve Reporter cve@mitre.org Modified 2017-12-19T02:29:00
Description
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.
{"id": "CVE-2001-1047", "bulletinFamily": "NVD", "title": "CVE-2001-1047", "description": "Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.", "published": "2001-06-02T04:00:00", "modified": "2017-12-19T02:29:00", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1047", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/2817", "http://www.securityfocus.com/bid/2818", "https://exchange.xforce.ibmcloud.com/vulnerabilities/6660", "https://exchange.xforce.ibmcloud.com/vulnerabilities/6661", "http://seclists.org/bugtraq/2001/Jun/0020.html"], "cvelist": ["CVE-2001-1047"], "type": "cve", "lastseen": "2019-05-29T18:07:38", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "4a1b1f63924de4c26bbdf216507dd2ba"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "46c21b6c1ba09b0560df1a618f1869c7"}, {"key": "cpe23", "hash": "df1a771ce00f4c24e9658c5d76c0ec74"}, {"key": "cvelist", "hash": "38c79ecd34e3e3b22cc3c97593e614d2"}, {"key": "cvss", "hash": "36dde738d2aa11228ef06eb95e5872c5"}, {"key": "cvss2", "hash": "1fe1a1f2a429189a548689675522c19d"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "4a57e77e3d2e6e28b5cc0b4cee80814f"}, {"key": "href", "hash": "e5e312a631c564d18a2c644deeb0f17f"}, {"key": "modified", "hash": "5735d9c13cfbd331fe56a3c91e78e26d"}, {"key": "published", "hash": "37ad1461aec591da86ee1f1ceb3ca23e"}, {"key": "references", "hash": "3798d503101e986d8a0189051dcd2714"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "358d0a83155be0ba1fe1f487605139a8"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3b92a5140b1303a7ee68a4a8e38098587bdce88f3aef6a3157af607e50d76486", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:7551", "OSVDB:7552"]}], "modified": "2019-05-29T18:07:38"}, "score": {"value": 3.9, "vector": "NONE", "modified": "2019-05-29T18:07:38"}, "vulnersScore": 3.9}, "objectVersion": "1.3", "cpe": ["cpe:/o:openbsd:openbsd:2.9", "cpe:/o:openbsd:openbsd:2.6", "cpe:/o:openbsd:openbsd:2.8", "cpe:/a:openbsd:openbsd:2.8", "cpe:/a:openbsd:openbsd:2.7", "cpe:/a:openbsd:openbsd:2.9", "cpe:/o:openbsd:openbsd:2.7", "cpe:/a:openbsd:openbsd:2.6"], "affectedSoftware": [{"name": "openbsd openbsd", "operator": "eq", "version": "2.6"}, {"name": "openbsd openbsd", "operator": "eq", "version": "2.8"}, {"name": "openbsd openbsd", "operator": "eq", "version": "2.9"}, {"name": "openbsd openbsd", "operator": "eq", "version": "2.7"}], "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}
{"osvdb": [{"lastseen": "2017-04-28T13:20:02", "bulletinFamily": "software", "description": "## Vulnerability Description\nOpenBSD contains a flaw that may allow a local denial of service. The issue is triggered when dup2 is called on a file descriptor in one process then that descriptor is set to NULL via a close in another process that is created via rfork, which will cause a kernel panic and will result in loss of availability for the platform.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nOpenBSD contains a flaw that may allow a local denial of service. The issue is triggered when dup2 is called on a file descriptor in one process then that descriptor is set to NULL via a close in another process that is created via rfork, which will cause a kernel panic and will result in loss of availability for the platform.\n## References:\n[Related OSVDB ID: 7552](https://vulners.com/osvdb/OSVDB:7552)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-05/0328.html\nISS X-Force ID: 6661\n[CVE-2001-1047](https://vulners.com/cve/CVE-2001-1047)\nBugtraq ID: 2818\n", "modified": "2001-06-02T00:00:00", "published": "2001-06-02T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:7551", "id": "OSVDB:7551", "title": "OpenBSD VFS dup2 File Descriptor DoS", "type": "osvdb", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:02", "bulletinFamily": "software", "description": "## Vulnerability Description\nOpenBSD contains a flaw that may allow a local denial of service. The issue is triggered when a pipe in one thread is created and one of the file descriptors in another thread is set to NULL via a close, which will cause a kernel panic and will result in loss of availability for the platform.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nOpenBSD contains a flaw that may allow a local denial of service. The issue is triggered when a pipe in one thread is created and one of the file descriptors in another thread is set to NULL via a close, which will cause a kernel panic and will result in loss of availability for the platform.\n## References:\n[Related OSVDB ID: 7551](https://vulners.com/osvdb/OSVDB:7551)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-05/0328.html\nISS X-Force ID: 6660\n[CVE-2001-1047](https://vulners.com/cve/CVE-2001-1047)\nBugtraq ID: 2817\n", "modified": "2001-06-02T00:00:00", "published": "2001-06-02T00:00:00", "id": "OSVDB:7552", "href": "https://vulners.com/osvdb/OSVDB:7552", "title": "OpenBSD VFS Pipe Thread DoS", "type": "osvdb", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}