Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:12386
HistorySep 23, 2009 - 12:00 a.m.

Linux Kernel sg_build_indirect函数本地拒绝服务漏洞

2009-09-2300:00:00
Root
www.seebug.org
15

0.0004 Low

EPSS

Percentile

8.2%

JSON

CVE ID: CVE-2009-3288

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel的drivers/scsi/sg.c文件中的sg_build_indirect函数在访问数组时使用了错误的变量,这允许本地攻击者通过使用xcdroast复制CD导致内核崩溃和空指针引用。仅有可打开光驱设备的用户才可以利用这个漏洞。

Linux kernel 2.6.28-rc1 - 2.6.31-rc8
厂商补丁:

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://lkml.org/lkml/2009/9/3/107

Related

prion 1
ubuntucve 1
cve 1
securityvulns 2
openvas 1
nessus 1
ubuntu 1
prion
prion
Null pointer dereference
2009-09-22 10:30:00
ubuntucve
ubuntucve
CVE-2009-3288
2009-09-22 00:00:00
cve
cve
CVE-2009-3288
2009-09-22 10:30:00
securityvulns
securityvulns
Linux kernel DoS
2010-05-11 00:00:00
rPSA-2010-0037-1 kernel
2010-05-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-852-1)
2022-08-26 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-852-1)
2009-10-22 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00

0.0004 Low

EPSS

Percentile

8.2%

JSON
Related for SSV:12386
prion1ubuntucve1cve1securityvulns2openvas1nessus1ubuntu1