The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs.
Threat-Mapped Scoring
Score: 1.9
Priority: P3 - Important (Medium)
S9 – Sabotage of System/App
S10 – Denial of Service (+0.1 bonus)
EPSS
Score: 0.00828Percentile:
0.73552
CVSS Scoring
CVSS v3.1 Score: 7.8
Severity: HIGH
Mapped CWE(s)
CWE-667
: Improper Locking
All CAPEC(s)
CAPEC-25 : Forced Deadlock
CAPEC-26 : Leveraging Race Conditions
CAPEC-27 : Leveraging Race Conditions via Symbolic Links
CAPEC(s) with Mapped TTPs
CAPEC-25 : Forced Deadlock
Mapped TTPs:
T1499.004
: Application or System Exploitation
Mapped ATT&CK TTPs
T1499.004
: Application or System Exploitation
Kill Chain: impact
Malware
APTs Threat Group Associations
Campaigns
Affected Products
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.0:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.0:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.0:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.0:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.0:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:8.0:p6:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me