Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-4141
HistoryJan 19, 2010 - 12:00 a.m.

CVE-2009-4141

2010-01-1900:00:00
ubuntu.com
ubuntu.com
16

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

0.4%

Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in
the Linux kernel before 2.6.33-rc4-git1 allows local users to gain
privileges via vectors that include enabling O_ASYNC (aka FASYNC or
FIOASYNC) on a locked file, and then closing this file.

Notes

Author Note
mdeslaur introduced by http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=233e70f4228e78eb2f80dc6650f65d3ae3dbf17c
OSVersionArchitecturePackageVersionFilename
ubuntu9.04noarchlinux< 2.6.28-18.59UNKNOWN
ubuntu9.10noarchlinux< 2.6.31-19.56UNKNOWN

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

0.4%