CVE-2001-0268

CVSS 7.2 - HIGH
Description

The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.

Affected Products
2
Vendor Product Version
netbsd netbsd All versions
openbsd openbsd All versions
References
http://archives.neohapsis.com/archives/bugtraq/200...
http://archives.neohapsis.com/archives/linux/calde...
http://archives.neohapsis.com/archives/netbsd/2001...
http://www.kb.cert.org/vuls/id/358960
http://www.openbsd.org/errata.html#userldt
http://www.osvdb.org/6141
http://www.securityfocus.com/bid/2739
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://archives.neohapsis.com/archives/bugtraq/200...
http://archives.neohapsis.com/archives/linux/calde...
http://archives.neohapsis.com/archives/netbsd/2001...
http://www.kb.cert.org/vuls/id/358960
http://www.openbsd.org/errata.html#userldt
http://www.osvdb.org/6141
http://www.securityfocus.com/bid/2739
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2001-0268
Published:
2001-05-03
Modified:
2026-04-16
CVSS Score:
7.2
Severity:
HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Vendors
netbsd openbsd
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL