CVE-2009-0269

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-0269

4.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

f

s/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.

References
Link Resource
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 Broken Link
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html Mailing List
http://secunia.com/advisories/33758 Broken Link
http://secunia.com/advisories/34394 Broken Link
http://secunia.com/advisories/34502 Broken Link
http://secunia.com/advisories/34981 Broken Link
http://secunia.com/advisories/35390 Broken Link
http://secunia.com/advisories/35394 Broken Link
http://secunia.com/advisories/37471 Broken Link
http://www.debian.org/security/2009/dsa-1749 Mailing List
http://www.debian.org/security/2009/dsa-1787 Mailing List
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:118 Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0326.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0360.html Broken Link
http://www.securityfocus.com/archive/1/507985/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/33412 Broken Link Patch Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-751-1 Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0016.html Third Party Advisory
http://www.vupen.com/english/advisories/2009/3316 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/48188 Broken Link VDB Entry
https://lists.launchpad.net/ecryptfs-devel/msg00010.html Mailing List Third Party Advisory
https://lists.launchpad.net/ecryptfs-devel/msg00011.html Mailing List Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944 Broken Link
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 Broken Link
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html Mailing List
http://secunia.com/advisories/33758 Broken Link
http://secunia.com/advisories/34394 Broken Link
http://secunia.com/advisories/34502 Broken Link
http://secunia.com/advisories/34981 Broken Link
http://secunia.com/advisories/35390 Broken Link
http://secunia.com/advisories/35394 Broken Link
http://secunia.com/advisories/37471 Broken Link
http://www.debian.org/security/2009/dsa-1749 Mailing List
http://www.debian.org/security/2009/dsa-1787 Mailing List
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:118 Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0326.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0360.html Broken Link
http://www.securityfocus.com/archive/1/507985/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/33412 Broken Link Patch Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-751-1 Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0016.html Third Party Advisory
http://www.vupen.com/english/advisories/2009/3316 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/48188 Broken Link VDB Entry
https://lists.launchpad.net/ecryptfs-devel/msg00010.html Mailing List Third Party Advisory
https://lists.launchpad.net/ecryptfs-devel/msg00011.html Mailing List Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944 Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
History

21 Nov 2024, 00:59

Type Values Removed Values Added
References () http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 - Broken Link () http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 - Broken Link
References () http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html - Mailing List () http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html - Mailing List
References () http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html - Mailing List () http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html - Mailing List
References () http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html - Mailing List () http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html - Mailing List
References () http://secunia.com/advisories/33758 - Broken Link () http://secunia.com/advisories/33758 - Broken Link
References () http://secunia.com/advisories/34394 - Broken Link () http://secunia.com/advisories/34394 - Broken Link
References () http://secunia.com/advisories/34502 - Broken Link () http://secunia.com/advisories/34502 - Broken Link
References () http://secunia.com/advisories/34981 - Broken Link () http://secunia.com/advisories/34981 - Broken Link
References () http://secunia.com/advisories/35390 - Broken Link () http://secunia.com/advisories/35390 - Broken Link
References () http://secunia.com/advisories/35394 - Broken Link () http://secunia.com/advisories/35394 - Broken Link
References () http://secunia.com/advisories/37471 - Broken Link () http://secunia.com/advisories/37471 - Broken Link
References () http://www.debian.org/security/2009/dsa-1749 - Mailing List () http://www.debian.org/security/2009/dsa-1749 - Mailing List
References () http://www.debian.org/security/2009/dsa-1787 - Mailing List () http://www.debian.org/security/2009/dsa-1787 - Mailing List
References () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1 - Broken Link () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1 - Broken Link
References () http://www.mandriva.com/security/advisories?name=MDVSA-2009:118 - Broken Link () http://www.mandriva.com/security/advisories?name=MDVSA-2009:118 - Broken Link
References () http://www.redhat.com/support/errata/RHSA-2009-0326.html - Broken Link () http://www.redhat.com/support/errata/RHSA-2009-0326.html - Broken Link
References () http://www.redhat.com/support/errata/RHSA-2009-0360.html - Broken Link () http://www.redhat.com/support/errata/RHSA-2009-0360.html - Broken Link
References () http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/33412 - Broken Link, Patch, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/33412 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () http://www.ubuntu.com/usn/usn-751-1 - Third Party Advisory () http://www.ubuntu.com/usn/usn-751-1 - Third Party Advisory
References () http://www.vmware.com/security/advisories/VMSA-2009-0016.html - Third Party Advisory () http://www.vmware.com/security/advisories/VMSA-2009-0016.html - Third Party Advisory
References () http://www.vupen.com/english/advisories/2009/3316 - Broken Link () http://www.vupen.com/english/advisories/2009/3316 - Broken Link
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/48188 - Broken Link, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/48188 - Broken Link, VDB Entry
References () https://lists.launchpad.net/ecryptfs-devel/msg00010.html - Mailing List, Third Party Advisory () https://lists.launchpad.net/ecryptfs-devel/msg00010.html - Mailing List, Third Party Advisory
References () https://lists.launchpad.net/ecryptfs-devel/msg00011.html - Mailing List, Third Party Advisory () https://lists.launchpad.net/ecryptfs-devel/msg00011.html - Mailing List, Third Party Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169 - Broken Link
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944 - Broken Link
Information

Published : 2009-01-26 15:30

Updated : 2025-04-09 00:30

NVD link : CVE-2009-0269

Mitre link : CVE-2009-0269

CVE.ORG link : CVE-2009-0269

JSON object : View

Products Affected

opensuse

canonical

linux

debian

CWE
CWE-787

Out-of-bounds Write