Potential time of check time of use vulnerability (vfork)
Description
The `vfork` function suffers from portability issues and is not recommended. In some Linux systems `vfork` is vulnerable to a race condition while the child process is running as the user's UID but hasn't executed `execve`. The user may be able to send signals to this process, which in `vfork` would not be sent to the parent process. As a result, a user may be able to cause a denial of service against the privileged process.
Examples
Insecure Code
c
pid = vfork();Secure Code
c
pid = fork();Remediation
Use `fork` instead and be aware of other potential Time Of Check Time Of Use (TOCTOU) vulnerabilities.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0610 |
| Category | Concurrency |
| Severity | MEDIUM |
| CWE | CWE-362 |
| Confidence | HIGH |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | TOCTOU, vfork, fork |
| OWASP | A5:2017-Broken Access Control, A01:2021-Broken Access Control |