Lucene search

K
nvd[email protected]NVD:CVE-2009-3547
HistoryNov 04, 2009 - 3:30 p.m.

CVE-2009-3547

2009-11-0415:30:00
CWE-476
CWE-362
CWE-672
web.nvd.nist.gov
10

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.2%

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

Affected configurations

Nvd
Node
linuxlinux_kernelRange2.6.31.14
OR
linuxlinux_kernelMatch2.6.32-
OR
linuxlinux_kernelMatch2.6.32rc1
OR
linuxlinux_kernelMatch2.6.32rc2
OR
linuxlinux_kernelMatch2.6.32rc3
OR
linuxlinux_kernelMatch2.6.32rc4
OR
linuxlinux_kernelMatch2.6.32rc5
Node
novelllinux_desktopMatch9
OR
opensuseopensuseMatch11.0
OR
opensuseopensuseMatch11.2
OR
susesuse_linux_enterprise_desktopMatch10sp2
OR
susesuse_linux_enterprise_serverMatch10sp2
Node
canonicalubuntu_linuxMatch6.06
OR
canonicalubuntu_linuxMatch8.04
OR
canonicalubuntu_linuxMatch8.10
OR
canonicalubuntu_linuxMatch9.04
OR
canonicalubuntu_linuxMatch9.10
Node
fedoraprojectfedoraMatch10
Node
vmwarevmaMatch4.0
OR
vmwareesxMatch4.0
Node
redhatmrg_realtimeMatch1.0
OR
redhatenterprise_linux_desktopMatch3.0
OR
redhatenterprise_linux_desktopMatch4.0
OR
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_eusMatch4.8
OR
redhatenterprise_linux_eusMatch5.4
OR
redhatenterprise_linux_serverMatch3.0
OR
redhatenterprise_linux_serverMatch4.0
OR
redhatenterprise_linux_serverMatch5.0
OR
redhatenterprise_linux_workstationMatch3.0
OR
redhatenterprise_linux_workstationMatch4.0
OR
redhatenterprise_linux_workstationMatch5.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel2.6.32cpe:2.3:o:linux:linux_kernel:2.6.32:-:*:*:*:*:*:*
linuxlinux_kernel2.6.32cpe:2.3:o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*
linuxlinux_kernel2.6.32cpe:2.3:o:linux:linux_kernel:2.6.32:rc2:*:*:*:*:*:*
linuxlinux_kernel2.6.32cpe:2.3:o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*
linuxlinux_kernel2.6.32cpe:2.3:o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*
linuxlinux_kernel2.6.32cpe:2.3:o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*
novelllinux_desktop9cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*
opensuseopensuse11.0cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
opensuseopensuse11.2cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
Rows per page:
1-10 of 321

References

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.2%