CVE Vulnerabilities

CVE-2001-1559

NULL Pointer Dereference

Published: Dec 31, 2001 | Modified: Apr 03, 2025
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.

Weakness

The product dereferences a pointer that it expects to be valid but is NULL.

Affected Software

Name Vendor Start Version End Version
Openbsd Openbsd 2.9 (including) 2.9 (including)
Openbsd Openbsd 3.0 (including) 3.0 (including)

Potential Mitigations

References