CVE-2001-0371: Race Condition
First published: Mon Jun 18 2001(Updated: )
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD Kernel | <=4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0371?
CVE-2001-0371 has a high severity level due to its potential for local users to access restricted information.
How do I fix CVE-2001-0371?
To fix CVE-2001-0371, upgrade to FreeBSD 4.3 or later where this race condition has been addressed.
What systems are affected by CVE-2001-0371?
CVE-2001-0371 affects FreeBSD 4.2 and earlier versions, as well as potentially other operating systems that use similar file systems.
What is the risk associated with CVE-2001-0371?
The risk associated with CVE-2001-0371 is unauthorized access to deleted data, which can expose sensitive information to local users.
Can CVE-2001-0371 be exploited remotely?
CVE-2001-0371 cannot be exploited remotely as it requires local access to the affected system to exploit the race condition.
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/freebsd
- canonical/freebsd kernel
- version/freebsd kernel/4.2