Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-0745
HistoryFeb 27, 2009 - 12:00 a.m.

CVE-2009-0745

2009-02-2700:00:00
ubuntu.com
ubuntu.com
14

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS

0

Percentile

10.1%

The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27
before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize
the group descriptor during a resize (aka resize2fs) operation, which might
allow local users to cause a denial of service (OOPS) by arranging for
crafted values to be present in available memory.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-23.52UNKNOWN
ubuntu8.10noarchlinux< 2.6.27-11.31UNKNOWN
ubuntu7.10noarchlinux-source-2.6.22< 2.6.22-16.62UNKNOWN

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS

0

Percentile

10.1%