CVE-1999-1214
CVSS 2.0 Score 2.1 of 10 (low)
Details
Summary
CVE-1999-1214 is a vulnerability affecting the asynchronous I/O facility in the 4.4 BSD kernel. This issue permits local users to cause a denial of service by manipulating certain ioctl and fcntl calls. The vulnerability arises due to the lack of user credential checks when setting the recipient of I/O notifications. As a result, an attacker can maliciously cause signals to be sent to arbitrary process IDs, leading to system instability and potential downtime. This vulnerability poses a significant risk, particularly in environments with multiple users or processes, and should be addressed through appropriate patching or configuration changes.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- SGI IRAX
- BSD BSD
- NetBSD
- OpenBSD
Affected Vendors
- OpenBSD Project
- Netbsd
- Blue State Digital
- Saskatchewan Government Insurance