The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openbsd 3.8 |
||
openbsd openbsd 3.7 |