CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.9%
The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs.
Vendor | Product | Version | CPE |
---|---|---|---|
freebsd | freebsd | * | cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* |
freebsd | freebsd | 8.0 | cpe:2.3:o:freebsd:freebsd:8.0:p1:*:*:*:*:*:* |
freebsd | freebsd | 8.0 | cpe:2.3:o:freebsd:freebsd:8.0:p2:*:*:*:*:*:* |
freebsd | freebsd | 8.0 | cpe:2.3:o:freebsd:freebsd:8.0:p3:*:*:*:*:*:* |
freebsd | freebsd | 8.0 | cpe:2.3:o:freebsd:freebsd:8.0:p4:*:*:*:*:*:* |
freebsd | freebsd | 8.0 | cpe:2.3:o:freebsd:freebsd:8.0:p5:*:*:*:*:*:* |
freebsd | freebsd | 8.0 | cpe:2.3:o:freebsd:freebsd:8.0:p6:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
48.9%