Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NetBSD SO_LINGER DIAGNOSTIC检查本地拒绝服务漏洞
Vulnerability Description
NetBSD是一款免费开放源代码的UNIX性质的操作系统。 在NetBSD中,通过setsockopt(3)访问的SO_LINGER套接字选项在很短时间内获得包含有逗留时间的架构。由于没有对这个逗留时间参数执行充分的边界检查,因此如果攻击者能够传送负数的逗留时间并启用了套接字选项的话,soclose()就会以该负数时间 * hz超时调用tsleep()。这个漏洞允许本地攻击者导致kernel忙碌,造成拒绝服务。 如果秒数hz能够溢出INT_MAX的话也会出现同样的问题。
CVSS Information
N/A
Vulnerability Type
N/A