CVE-2009-4141

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.33-rc4-git1

Description The issue is related to a use-after-free vulnerability in the fasync helper function, located in fs/fcntl.c. This vulnerability can be exploited by local users to gain privileges. The exploitation vectors include enabling O ASYNC (also known as FASYNC or FIOASYNC) on a locked file and then closing the file.

Recommendations For Linux kernel versions prior to 2.6.33-rc4-git1, update to version 2.6.33-rc4-git1 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2009-4141

RHSA-2010:0046

RHSA-2010:0149

RHSA-2010:0161

RHSA-2010_0046

Affected Products

Linux Kernel

Red Hat

CVE-2009-4141

Weakness Enumeration

Related Identifiers

Affected Products

References · 43