CVE-2009-0746

🗓️ 27 Feb 2009 17:00:00Reported by mitreType

The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem

Reporter	Title	Published	Views	Family All 151
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	6 Jul 201600:00	–	bdu_fstec

NVD

Node

linux linux_kernelMatch2.6.27

linux linux_kernelMatch2.6.27.1

linux linux_kernelMatch2.6.27.2

linux linux_kernelMatch2.6.27.3

linux linux_kernelMatch2.6.27.4

linux linux_kernelMatch2.6.27.5

linux linux_kernelMatch2.6.27.6

linux linux_kernelMatch2.6.27.7

linux linux_kernelMatch2.6.27.8

linux linux_kernelMatch2.6.27.9

linux linux_kernelMatch2.6.27.10

linux linux_kernelMatch2.6.27.11

linux linux_kernelMatch2.6.27.12

linux linux_kernelMatch2.6.27.13

linux linux_kernelMatch2.6.27.14

linux linux_kernelMatch2.6.27.15

linux linux_kernelMatch2.6.27.16

linux linux_kernelMatch2.6.27.17

linux linux_kernelMatch2.6.27.18

linux linux_kernelMatch2.6.28

linux linux_kernelMatch2.6.28.1

linux linux_kernelMatch2.6.28.2

linux linux_kernelMatch2.6.28.3

linux linux_kernelMatch2.6.28.4

linux linux_kernelMatch2.6.28.5

linux linux_kernelMatch2.6.28.6

Source	Link
vupen	www.vupen.com/english/advisories/2009/0509
ubuntu	www.ubuntu.com/usn/usn-751-1
osvdb	www.osvdb.org/52202
debian	www.debian.org/security/2009/dsa-1749
secunia	www.secunia.com/advisories/36562
vmware	www.vmware.com/security/advisories/VMSA-2009-0016.html
securityfocus	www.securityfocus.com/archive/1/507985/100/0/threaded
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8039
vupen	www.vupen.com/english/advisories/2009/3316
rhn	www.rhn.redhat.com/errata/RHSA-2009-1243.html

16 Jun 2026 23:05Current

6.7Medium risk

Vulners AI Score6.7

CVSS 24.9

EPSS0.0075

CWE-20