Lucene search

Veracode Vulnerability DatabaseVERACODE:23919

HistoryApr 10, 2020 - 12:40 a.m.

Denial Of Service (DoS)

2020-04-1000:40:08

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

kernel is vulnerable to denial of service. The unix_stream_connect() function in the Linux kernel did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service.

CPENameOperatorVersion
kernel-rteq2.6.24.7__74.el5rt
kernel-rteq2.6.24.7__111.el5rt
kernel-rteq2.6.24.7__117.el5rt
kernel-rteq2.6.24.7__93.el5rt
kernel-rteq2.6.24.7__81.el5rt
kernel-rteq2.6.24.7__108.el5rt
kernel-rteq2.6.24.7__126.el5rt
kernel-rteq2.6.24.7__132.el5rt
kernel-rteq2.6.24.7__101.el5rt
kerneleq2.6.18__92.1.6.el5

Name	Operator	Version
kernel-rt	eq	2.6.24.7__74.el5rt
kernel-rt	eq	2.6.24.7__111.el5rt
kernel-rt	eq	2.6.24.7__117.el5rt
kernel-rt	eq	2.6.24.7__93.el5rt
kernel-rt	eq	2.6.24.7__81.el5rt
kernel-rt	eq	2.6.24.7__108.el5rt
kernel-rt	eq	2.6.24.7__126.el5rt
kernel-rt	eq	2.6.24.7__132.el5rt
kernel-rt	eq	2.6.24.7__101.el5rt
kernel	eq	2.6.18__92.1.6.el5

Rows per page:

1-10 of 1001

References

git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675

git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=77238f2b942b38ab4e7f3aced44084493e4a8675

kbase.redhat.com/faq/docs/DOC-17866

kbase.redhat.com/faq/docs/DOC-18042

lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html

lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html

lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html

lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html

lists.vmware.com/pipermail/security-announce/2010/000082.html

lkml.org/lkml/2009/10/19/50

patchwork.kernel.org/patch/54678/

secunia.com/advisories/37086

secunia.com/advisories/37909

secunia.com/advisories/38017

secunia.com/advisories/38794

secunia.com/advisories/38834

www.mandriva.com/security/advisories?name=MDVSA-2009:329

www.openwall.com/lists/oss-security/2009/10/19/2

www.openwall.com/lists/oss-security/2009/10/19/4

www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2009-1670.html

www.redhat.com/support/errata/RHSA-2009-1671.html

www.ubuntu.com/usn/usn-864-1

www.vupen.com/english/advisories/2010/0528

access.redhat.com/errata/RHSA-2009:1540

bugzilla.redhat.com/show_bug.cgi?id=529626

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6895

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9921

rhn.redhat.com/errata/RHSA-2009-1540.html

www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

Related for VERACODE:23919