Lucene search

K
nvd[email protected]NVD:CVE-2009-0859
HistoryMar 09, 2009 - 9:30 p.m.

CVE-2009-0859

2009-03-0921:30:00
CWE-20
web.nvd.nist.gov
1

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

5.7

Confidence

High

EPSS

0

Percentile

10.1%

The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program.

Affected configurations

NVD
Node
linuxlinux_kernelRange2.6.28.4

References

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

5.7

Confidence

High

EPSS

0

Percentile

10.1%