The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
References
Configurations
History
No history.
Information
Published : 1997-09-15 04:00
Updated : 2023-12-10 10:17
NVD link : CVE-1999-1214
Mitre link : CVE-1999-1214
CVE.ORG link : CVE-1999-1214
JSON object : View
Products Affected
netbsd
- netbsd
bsd
- bsd
sgi
- irix
openbsd
- openbsd
freebsd
- freebsd
CWE
CWE-255
Credentials Management Errors