Description
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.
Affected Software
{"id": "CVE-2001-1047", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2001-1047", "description": "Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.", "published": "2001-06-02T04:00:00", "modified": "2017-12-19T02:29:00", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P", "accessVector": "LOCAL", "accessComplexity": "HIGH", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 1.2}, "severity": "LOW", "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1047", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/2817", "http://www.securityfocus.com/bid/2818", "http://seclists.org/bugtraq/2001/Jun/0020.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/6661", "https://exchange.xforce.ibmcloud.com/vulnerabilities/6660"], "cvelist": ["CVE-2001-1047"], "immutableFields": [], "lastseen": "2022-03-23T12:37:57", "viewCount": 13, "enchantments": {"dependencies": null, "score": {"value": 3.3, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 3.3}, "_state": {"dependencies": 1659687063, "score": 1659757587}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:openbsd:openbsd:2.7", "cpe:/o:openbsd:openbsd:2.9", "cpe:/o:openbsd:openbsd:2.6", "cpe:/o:openbsd:openbsd:2.8"], "cpe23": ["cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "affectedSoftware": [{"cpeName": "openbsd:openbsd", "version": "2.7", "operator": "eq", "name": "openbsd"}, {"cpeName": "openbsd:openbsd", "version": "2.8", "operator": "eq", "name": "openbsd"}, {"cpeName": "openbsd:openbsd", "version": "2.6", "operator": "eq", "name": "openbsd"}, {"cpeName": "openbsd:openbsd", "version": "2.9", "operator": "eq", "name": "openbsd"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "http://www.securityfocus.com/bid/2817", "name": "2817", "refsource": "BID", "tags": ["Vendor Advisory"]}, {"url": "http://www.securityfocus.com/bid/2818", "name": "2818", "refsource": "BID", "tags": ["Vendor Advisory"]}, {"url": "http://seclists.org/bugtraq/2001/Jun/0020.html", "name": "20010602 Locally exploitable races in OpenBSD VFS", "refsource": "BUGTRAQ", "tags": []}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6661", "name": "openbsd-pipe-race-dos(6661)", "refsource": "XF", "tags": []}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6660", "name": "openbsd-dup2-race-dos(6660)", "refsource": "XF", "tags": []}]}
{}
CVE-2001-1047