Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Threat-Mapped Scoring
Score: 1.5
Priority: P4 - Informational (Low)
EPSS
Score: 0.05095Percentile:
0.89363
CVSS Scoring
CVSS v3.1 Score: 7.0
Severity: HIGH
Mapped CWE(s)
CWE-362
: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-476
: NULL Pointer Dereference
CWE-672
: Operation on a Resource after Expiration or Release
All CAPEC(s)
CAPEC-26 : Leveraging Race Conditions
CAPEC-29 : Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC(s) with Mapped TTPs
Mapped ATT&CK TTPs
Affected Products
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*
cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:mrg_realtime:1.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:4.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me