Release Date: | 2009-11-04 |
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/10450/fd/ /proc/10/fd/ /proc/11365/fd/ /proc/11367/fd/ /proc/11713/fd/ /proc/11715/fd/ /proc/11743/fd/ /proc/11748/fd/ /proc/11779/fd/ /proc/11787/fd/ /proc/11797/fd/ /proc/11/fd/ /proc/12613/fd/ /proc/12615/fd/ /proc/12650/fd/ /proc/12652/fd/ /proc/12767/fd/ /proc/12769/fd/ /proc/1395/fd/ /proc/14133/fd/ /proc/14135/fd/ /proc/14163/fd/ /proc/1530/fd/ /proc/1542/fd/ /proc/15/fd/ /proc/1628/fd/ /proc/16807/fd/ /proc/16809/fd/ /proc/16/fd/ /proc/174/fd/ /proc/17555/fd/ /proc/17557/fd/ /proc/175/fd/ /proc/17658/fd/ /proc/17660/fd/ /proc/178/fd/ /proc/17/fd/ /proc/180/fd/ /proc/18405/fd/ /proc/18406/fd/ /proc/18407/fd/ /proc/18408/fd/ /proc/18409/fd/ /proc/18410/fd/ /proc/18411/fd/ /proc/18412/fd/ /proc/1/fd/ /proc/20662/fd/ /proc/20664/fd/ /proc/20899/fd/ /proc/22659/fd/ /proc/22661/fd/ /proc/22674/fd/ /proc/22676/fd/ /proc/2410/fd/ /proc/247/fd/ /proc/250/fd/ /proc/251/fd/ /proc/252/fd/ /proc/2547/fd/ /proc/2596/fd/ /proc/2607/fd/ /proc/2608/fd/ /proc/2609/fd/ /proc/2613/fd/ /proc/2617/fd/ /proc/2618/fd/ /proc/2622/fd/ /proc/2638/fd/ /proc/2644/fd/ /proc/2645/fd/ /proc/2773/fd/ /proc/2776/fd/ /proc/28016/fd/ /proc/28018/fd/ /proc/2832/fd/ /proc/2834/fd/ /proc/2835/fd/ /proc/2857/fd/ /proc/2860/fd/ /proc/2896/fd/ /proc/2897/fd/ /proc/2928/fd/ /proc/2955/fd/ /proc/2956/fd/ /proc/2963/fd/ /proc/2987/fd/ /proc/2/fd/ /proc/3002/fd/ /proc/3017/fd/ /proc/3021/fd/ /proc/3037/fd/ /proc/3072/fd/ /proc/3083/fd/ /proc/3097/fd/ /proc/3098/fd/ /proc/3106/fd/ /proc/3111/fd/ /proc/3119/fd/ /proc/3122/fd/ /proc/3125/fd/ /proc/3128/fd/ /proc/3135/fd/ /proc/3152/fd/ /proc/3182/fd/ /proc/3199/fd/ /proc/3204/fd/ /proc/3219/fd/ /proc/3230/fd/ /proc/3244/fd/ /proc/3266/fd/ /proc/3276/fd/ /proc/3286/fd/ /proc/3295/fd/ /proc/3324/fd/ /proc/3341/fd/ /proc/3371/fd/ /proc/3372/fd/ /proc/3437/fd/ /proc/3442/fd/ /proc/3443/fd/ /proc/3453/fd/ /proc/3454/fd/ /proc/3458/fd/ /proc/3460/fd/ /proc/3482/fd/ /proc/3547/fd/ /proc/3561/fd/ /proc/3563/fd/ /proc/3950/fd/ /proc/3977/fd/ /proc/3/fd/ /proc/4021/fd/ /proc/405/fd/ /proc/4111/fd/ /proc/4120/fd/ /proc/4121/fd/ /proc/4122/fd/ /proc/4124/fd/ /proc/4152/fd/ /proc/4153/fd/ /proc/4154/fd/ /proc/4155/fd/ /proc/4156/fd/ /proc/4157/fd/ /proc/4158/fd/ /proc/415/fd/ /proc/4160/fd/ /proc/4161/fd/ /proc/4166/fd/ /proc/4167/fd/ /proc/4187/fd/ /proc/4199/fd/ /proc/4208/fd/ /proc/4209/fd/ /proc/4210/fd/ /proc/4211/fd/ /proc/4212/fd/ /proc/4213/fd/ /proc/4214/fd/ /proc/4215/fd/ /proc/4217/fd/ /proc/4219/fd/ /proc/4227/fd/ /proc/4235/fd/ /proc/4252/fd/ /proc/4254/fd/ /proc/4255/fd/ /proc/4257/fd/ /proc/4258/fd/ /proc/4260/fd/ /proc/4262/fd/ /proc/4264/fd/ /proc/4559/fd/ /proc/4563/fd/ /proc/4584/fd/ /proc/4586/fd/ /proc/4588/fd/ /proc/4/fd/ /proc/510/fd/ /proc/511/fd/ /proc/512/fd/ /proc/519/fd/ /proc/520/fd/ /proc/5224/fd/ /proc/5226/fd/ /proc/5407/fd/ /proc/5409/fd/ /proc/549/fd/ /proc/5608/fd/ /proc/5610/fd/ /proc/5639/fd/ /proc/5642/fd/ /proc/567/fd/ /proc/5703/fd/ /proc/5705/fd/ /proc/5767/fd/ /proc/5769/fd/ /proc/5819/fd/ /proc/5822/fd/ /proc/5850/fd/ /proc/5853/fd/ /proc/5855/fd/ /proc/5956/fd/ /proc/5958/fd/ /proc/5/fd/ /proc/605/fd/ /proc/668/fd/ /proc/6/fd/ /proc/7475/fd/ /proc/7477/fd/ /proc/7511/fd/ /proc/7513/fd/ /proc/7/fd/ /proc/8029/fd/ /proc/8031/fd/ /proc/8574/fd/ /proc/8/fd/ /proc/9/fd/ /proc/self/fd/ pathname.
See more information about CVE-2009-3547 from MITRE CVE dictionary and NIST NVD
NOTE: The following CVSS v2.0 metrics and score provided are preliminary and subject to review.
Base Score: | 6.9 | Base Metrics: | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Access Vector: | Local network | Attack Complexity: | Medium |
Authentication: | None required | Confidentiality Impact: | Complete |
Integrity Impact: | Complete | Availability Impact: | Complete |
Platform | Errata | Release Date |
Oracle Enterprise Linux version 4 (kernel) | ELSA-2009-1541 | 2009-11-03 |
Oracle Enterprise Linux version 4 (ocfs2-2.6.9-89.0.16.0.1.EL) | ELSA-2009-1541 | 2009-11-03 |
Oracle Enterprise Linux version 4 (oracleasm-2.6.9-89.0.16.0.1.EL) | ELSA-2009-1541 | 2009-11-03 |
Oracle Linux version 5 (kernel) | ELSA-2009-1548 | 2009-11-03 |
Oracle Linux version 5 (ocfs2-2.6.18-164.6.1.0.1.el5) | ELSA-2009-1548 | 2009-11-03 |
Oracle Linux version 5 (oracleasm-2.6.18-164.6.1.0.1.el5) | ELSA-2009-1548 | 2009-11-03 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team