Title: FreeBSD FStatFS Syscall Race Condition Vulnerability
Severity: MODERATE
Description:
FreeBSD is a freely available, open source variant of the UNIX Operating System. It is distributed and maintained by the FreeBSD Project.
A problem with FreeBSD could make it possible for a local user to crash the system. The problem is in the fstatfs syscall.
The fstatfs system call is designed to return information about a mounted file system. It can be used to return data such as type of file system, the mount flags for the file system, free blocks in the file system, and the like.
A problem in the fstatfs syscall could result in a kernel panic due to a race condition. Between the time the fstatfs system call and the access of the file, it is possible to remove the file. Removing the file would cause the file descriptor allocated to become invalid. This could result in the system becoming unstable, and potentially crashing.
This problem makes it possible for a local user to crash a vulnerable system.
Affected Products:
- FreeBSD FreeBSD 4.1.0
- FreeBSD FreeBSD 4.1.1
- FreeBSD FreeBSD 4.2.0
- FreeBSD FreeBSD 4.3.0
- FreeBSD FreeBSD 4.4.0
- FreeBSD FreeBSD 4.5.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
