VULHUB ™

NetBSD, FreeBSD and likely OpenBSD operating systems contain a race condition in the implementation of the exec() system call. The 'exec()' system call is used to load a binary image from an executable file into a process. A race condition may allow for an attacker to attach to a process loading a setuid/setgid image. An attacker may be able to elevate their privileges if they can win the race and attach to and modify the setuid process.

NetBSD, FreeBSD and likely OpenBSD operating systems contain a race condition in the implementation of the exec() system call. The 'exec()' system call is used to load a binary image from an executable file into a process. A race condition may allow for an attacker to attach to a process loading a setuid/setgid image. An attacker may be able to elevate their privileges if they can win the race and attach to and modify the setuid process.