Lucene search

K
nvd[email protected]NVD:CVE-2009-1961
HistoryJun 08, 2009 - 1:00 a.m.

CVE-2009-1961

2009-06-0801:00:00
CWE-667
web.nvd.nist.gov

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

4.5

Confidence

High

EPSS

0

Percentile

5.2%

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.

Affected configurations

NVD
Node
linuxlinux_kernelRange2.6.19
OR
linuxlinux_kernelRange2.6.272.6.27.24
OR
linuxlinux_kernelRange2.6.292.6.29.4
OR
linuxlinux_kernelMatch2.6.30rc1
OR
linuxlinux_kernelMatch2.6.30rc2
Node
debiandebian_linuxMatch4.0
Node
canonicalubuntu_linuxMatch6.06
OR
canonicalubuntu_linuxMatch8.04-
OR
canonicalubuntu_linuxMatch8.10
OR
canonicalubuntu_linuxMatch9.04
Node
opensuseopensuseMatch10.3
OR
opensuseopensuseMatch11.1
OR
suselinux_enterpriseMatch11.0-
OR
suselinux_enterprise_desktopMatch11-
OR
suselinux_enterprise_serverMatch11-

References

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

4.5

Confidence

High

EPSS

0

Percentile

5.2%