CVE-2001-0268

Name of the Vulnerable Software and Affected Versions NetBSD versions 1.5 and earlier OpenBSD versions 2.8 and earlier

Description The issue concerns the i386 set ldt system call, which, when the USER LDT kernel option is enabled, fails to validate a call gate target. This allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.

Recommendations For NetBSD versions 1.5 and earlier, consider disabling the USER LDT kernel option as a temporary workaround until a patch is available. For OpenBSD versions 2.8 and earlier, consider disabling the USER LDT kernel option as a temporary workaround until a patch is available.