|
BSD exec() Race Condition Vulnerability
NetBSD, FreeBSD and likely OpenBSD operating systems contain a race condition in the implementation of the exec() system call. The 'exec()' system call is used to load a binary image from an executable file into a process. A race condition may allow for an attacker to attach to a process loading a setuid/setgid image. An attacker may be able to elevate their privileges if they can win the race and attach to and modify the setuid process. |
|
|
Privacy Statement |
