Lucene search

PRIOn knowledge basePRION:CVE-2009-4410

HistoryDec 24, 2009 - 4:30 p.m.

Code injection

2009-12-2416:30:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file.c in the Linux kernel 2.6.29-rc1 through 2.6.30.y uses the wrong variable in an argument to the kunmap function, which allows local users to cause a denial of service (panic) via unknown vectors.

CPENameOperatorVersion
linux_kerneleq2.6.29
linux_kerneleq2.6.29.3
linux_kerneleq2.6.30 rc2
linux_kerneleq2.6.29
linux_kerneleq2.6.30 rc3
linux_kerneleq2.6.30.7
linux_kerneleq2.6.30121
linux_kerneleq2.6.29.4
linux_kerneleq2.6.30.8
linux_kerneleq2.6.30.9

Name	Operator	Version
linux_kernel	eq	2.6.29
linux_kernel	eq	2.6.29.3
linux_kernel	eq	2.6.30 rc2
linux_kernel	eq	2.6.29
linux_kernel	eq	2.6.30 rc3
linux_kernel	eq	2.6.30.7
linux_kernel	eq	2.6.30121
linux_kernel	eq	2.6.29.4
linux_kernel	eq	2.6.30.8
linux_kernel	eq	2.6.30.9

Rows per page:

1-10 of 331

References

osvdb.org/61335

secunia.com/advisories/37928

www.openwall.com/lists/oss-security/2009/12/23/1

www.securityfocus.com/bid/37453

bugzilla.redhat.com/show_bug.cgi?id=549400

www.redhat.com/archives/fedora-package-announce/2009-December/msg01344.html

6.5 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2009-4410