Problem Description:
Due to the interaction between devfs and VFS, a race condition
exists where the kernel might dereference a NULL pointer.
Impact:
Successful exploitation of the race condition can lead to local
kernel privilege escalation, kernel data corruption and/or
crash.
To exploit this vulnerability, an attacker must be able to run
code with user privileges on the target system.
Workaround:
An errata note, FreeBSD-EN-09:05.null has been released
simultaneously to this advisory, and contains a kernel patch
implementing a workaround for a more broad class of
vulnerabilities. However, prior to those changes, no workaround
is available.