Vulnerability Description
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openbsd | Openbsd | 2.6 |
References
- http://seclists.org/bugtraq/2001/Jun/0020.html
- http://www.securityfocus.com/bid/2817Vendor Advisory
- http://www.securityfocus.com/bid/2818Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6660
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6661
- http://seclists.org/bugtraq/2001/Jun/0020.html
- http://www.securityfocus.com/bid/2817Vendor Advisory
- http://www.securityfocus.com/bid/2818Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6660
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6661
FAQ
What is CVE-2001-1047?
CVE-2001-1047 is a vulnerability with a CVSS score of 1.2 (LOW). Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL ...
How severe is CVE-2001-1047?
CVE-2001-1047 has been rated LOW with a CVSS base score of 1.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1047?
Check the references section above for vendor advisories and patch information. Affected products include: Openbsd Openbsd.