CVE-2009-3547

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.32-rc6

Description The issue is related to multiple race conditions in the fs/pipe.c file of the Linux kernel. This can be exploited by local users to cause a denial of service, resulting in a NULL pointer dereference and system crash, or potentially gain privileges. The exploitation involves attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

Recommendations For Linux kernel versions prior to 2.6.32-rc6, update to version 2.6.32-rc6 or later to resolve the issue.

Exploit

Fix

DoS

NULL Pointer Dereference

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-672CWE-476CWE-362

Related Identifiers

CVE-2009-3547

DSA-1927-1

DSA-1928-1

DSA-1929-1

RHSA-2009:1540

RHSA-2009:1541

RHSA-2009:1548

RHSA-2009:1550

RHSA-2009:1587

RHSA-2009:1588

RHSA-2009:1672

RHSA-2009_1541

RHSA-2009_1548

Affected Products

Linux Kernel

Red Hat

CVE-2009-3547

Weakness Enumeration

Related Identifiers

Affected Products

References · 36