FreeBSD 6.4 pipeclose()/knlist_cleardel() race condition exploit
No description provided by source. if 0 FreeBSD 6.4 and below are vulnerable to race condition between pipeclose and knlistcleardel resulting in NULL pointer dereference. The following code exploits vulnerability to run code in kernel mode, giving root shell and escaping from jail. endif /...