Lucene search

K
cve[email protected]CVE-2009-0269
HistoryJan 26, 2009 - 3:30 p.m.

CVE-2009-0269

2009-01-2615:30:04
CWE-787
web.nvd.nist.gov
55
2
linux
kernel
ecryptfs
subsystem
denial of service
vulnerability

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

5

Confidence

High

EPSS

0

Percentile

12.7%

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.

Affected configurations

NVD
Node
linuxlinux_kernelRange<2.6.28.1
Node
opensuseopensuseMatch10.3
OR
opensuseopensuseMatch11.0
OR
opensuseopensuseMatch11.1
Node
debiandebian_linuxMatch4.0
OR
debiandebian_linuxMatch5.0
Node
canonicalubuntu_linuxMatch7.10
OR
canonicalubuntu_linuxMatch8.04
OR
canonicalubuntu_linuxMatch8.10

References

Social References

More

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

5

Confidence

High

EPSS

0

Percentile

12.7%