Published: 26/12/2022 Updated: 08/08/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

An issue exists in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
illumos illumos
omniosce omnios r151038
openindiana openindiana hipster_2021.04
joyent smartos 20210923
oracle solaris 11
oracle solaris 10

CWE-667 https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424 https://www.oracle.com/security-alerts/cpujan2022.html https://www.illumos.org/issues/14424 https://jgardner100.wordpress.com/2022/01/20/security-heads-up/https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c https://kebe.com/blog/?p=505 http://www.tribblix.org/relnotes.html https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-43395

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect