Impact
The relibc implementation of pthread_rwlockattr_setpshared includes a flaw that allows an attacker to trigger a denial of service by supplying a specially crafted input. The error causes the function to abort or hang, resulting in unresponsive threads or the crashing of the application that relies on the read‑write lock attributes.
Affected Systems
This vulnerability affects the relibc library used by Redox OS. The vulnerable commit is 61f42d; any installation that includes this version is potentially impacted. No broader vendor list is available.
Risk and Exploitability
The CVSS score of 7.5 indicates high severity, while the EPSS score of <1% suggests a low The vulnerability is present in userland code and is not listed in CISA's KEV catalog. Based on the description, it is inferred that an attacker would need to supply crafted input to the pthread_rwlockattr_setpshared() call to trigger the denial of service. The likely attack vector could involve a local process with sufficient privileges, or an unauthenticated user if the application accepts external input.
OpenCVE Enrichment