Lucene search

K
nvd[email protected]NVD:CVE-2009-3547
HistoryNov 04, 2009 - 3:30 p.m.

CVE-2009-3547

2009-11-0415:30:00
CWE-672
CWE-476
CWE-362
web.nvd.nist.gov

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

Affected configurations

NVD
Node
linuxlinux_kernelRange≀2.6.31.14
OR
linuxlinux_kernelMatch2.6.32-
OR
linuxlinux_kernelMatch2.6.32rc1
OR
linuxlinux_kernelMatch2.6.32rc2
OR
linuxlinux_kernelMatch2.6.32rc3
OR
linuxlinux_kernelMatch2.6.32rc4
OR
linuxlinux_kernelMatch2.6.32rc5
Node
novelllinux_desktopMatch9
OR
opensuseopensuseMatch11.0
OR
opensuseopensuseMatch11.2
OR
susesuse_linux_enterprise_desktopMatch10sp2
OR
susesuse_linux_enterprise_serverMatch10sp2
Node
canonicalubuntu_linuxMatch6.06
OR
canonicalubuntu_linuxMatch8.04
OR
canonicalubuntu_linuxMatch8.10
OR
canonicalubuntu_linuxMatch9.04
OR
canonicalubuntu_linuxMatch9.10
Node
fedoraprojectfedoraMatch10
Node
vmwarevmaMatch4.0
OR
vmwareesxMatch4.0
Node
redhatmrg_realtimeMatch1.0
OR
redhatenterprise_linux_desktopMatch3.0
OR
redhatenterprise_linux_desktopMatch4.0
OR
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_eusMatch4.8
OR
redhatenterprise_linux_eusMatch5.4
OR
redhatenterprise_linux_serverMatch3.0
OR
redhatenterprise_linux_serverMatch4.0
OR
redhatenterprise_linux_serverMatch5.0
OR
redhatenterprise_linux_workstationMatch3.0
OR
redhatenterprise_linux_workstationMatch4.0
OR
redhatenterprise_linux_workstationMatch5.0

References

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%