PT-2009-3451 · Linux · Linux Kernel

Jiri Olsa

Published

2009-03-09

Updated

2017-08-17

CVE-2009-0859

CVSS v2.0

4.7

Medium

Vector

AV:L/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.28.5

Description The issue is related to the shm get stat function in the shm subsystem of the Linux kernel. When CONFIG SHMEM is disabled, this function misinterprets the data type of an inode. This can be exploited by local users to cause a denial of service, resulting in a system hang, by making an SHM INFO shmctl call. An example of how this can be done is by running the ipcs program.

Recommendations For Linux kernel versions prior to 2.6.28.5, update to version 2.6.28.5 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2009-0859

DSA-1787-1

DSA-1794-1

DSA-1800-1

Affected Products

Linux Kernel

PT-2009-3451 · Linux · Linux Kernel

CVE-2009-0859

Weakness Enumeration

Related Identifiers

Affected Products

References · 23