Virtual File System

FreeBSD Security Advisory FreeBSD-SA-09:14.devfs

I.   Background

The device file system (devfs) provides access to system devices, such as
storage devices and serial ports, via the file system namespace.

VFS is the Virtual File System, which abstracts file system operations in
the kernel from the actual underlying file system.

II.  Problem Description

Due to the interaction between devfs and VFS, a race condition exists

Limited upload directory traversal in HTTP File Server 2.2a / 2.3 beta (build #146)

2) Bug
======


HFS allows the uploading of files to the real folders added to the
Virtual File System.
The problem is that an attacker can use the ../ pattern to upload files
outside the destination folder, reaching the root or any other directory
on the disk where the upload folder is located.

Note that uploading must be enabled on the target folder, that the



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.