Problem Description
A race condition exists in the pipe close() code relating
to kqueues, causing use-after-free for kernel memory, which
may lead to an exploitable NULL pointer vulnerability in the
kernel, kernel memory corruption, and other unpredictable
results.
Impact:
Successful exploitation of the race condition can lead to
local kernel privilege escalation, kernel data corruption
and/or crash.
To exploit this vulnerability, an attacker must be able to
run code on the target system.
Workaround
An errata notice, FreeBSD-EN-09:05.null has been released
simultaneously to this advisory, and contains a kernel patch
implementing a workaround for a more broad class of
vulnerabilities. However, prior to those changes, no
workaround is available.