CVE-2009-2849

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.30.2

Description The issue allows local users to cause a denial of service, specifically a NULL pointer dereference, through vectors related to "suspend * sysfs attributes" and the suspend lo store or suspend hi store functions. This is only considered a vulnerability when sysfs is writable by an attacker.

Recommendations For Linux kernel versions prior to 2.6.30.2, update to version 2.6.30.2 or later to resolve the issue. As a temporary workaround, consider restricting write access to sysfs to prevent exploitation.