CVE-1999-1214
LowExploitation Probability (EPSS)
Low risk21th percentile — higher than 21% of all known CVEs
Summary
The asynchronous I/O facility in the 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, allowing local users to cause a denial of service.
Risk Assessment
Local users can exploit this vulnerability to send signals to arbitrary process IDs, leading to system instability.
Recommendation
It is recommended to update the kernel to the latest version that includes security patches and to implement additional user credential checks.
Original NVD description (English source)
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.

