JVN/CVE Demo: Cveinfos

CVE

Id: 40982
CVE No.: CVE-2009-3547
Status: Candidate
Description: Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Phase: Assigned (20091005)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
448631	40982	CVE-2009-3547	BUGTRAQ:20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel	View
448632	40982	CVE-2009-3547	URL:http://www.securityfocus.com/archive/1/archive/1/512019/100/0/threaded	View
448633	40982	CVE-2009-3547	MLIST:[linux-kernel] 20091014 fs/pipe.c null pointer dereference	View
448634	40982	CVE-2009-3547	URL:http://lkml.org/lkml/2009/10/14/184	View
448635	40982	CVE-2009-3547	MLIST:[linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs	View
448636	40982	CVE-2009-3547	URL:http://lkml.org/lkml/2009/10/21/42	View
448637	40982	CVE-2009-3547	MLIST:[oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference	View
448638	40982	CVE-2009-3547	URL:http://marc.info/?l=oss-security&m=125724568017045&w=2	View
448639	40982	CVE-2009-3547	MLIST:[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates	View
448640	40982	CVE-2009-3547	URL:http://lists.vmware.com/pipermail/security-announce/2010/000082.html	View
448641	40982	CVE-2009-3547	CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad3960243e55320d74195fb85c975e0a8cc4466c	View
448642	40982	CVE-2009-3547	CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6	View
448643	40982	CVE-2009-3547	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=530490	View
448644	40982	CVE-2009-3547	FEDORA:FEDORA-2009-11038	View
448645	40982	CVE-2009-3547	URL:https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html	View
448646	40982	CVE-2009-3547	MANDRIVA:MDVSA-2009:329	View
448647	40982	CVE-2009-3547	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:329	View
448648	40982	CVE-2009-3547	REDHAT:RHSA-2009:1540	View
448649	40982	CVE-2009-3547	URL:https://rhn.redhat.com/errata/RHSA-2009-1540.html	View
448650	40982	CVE-2009-3547	REDHAT:RHSA-2009:1541	View
448651	40982	CVE-2009-3547	URL:https://rhn.redhat.com/errata/RHSA-2009-1541.html	View
448652	40982	CVE-2009-3547	REDHAT:RHSA-2009:1548	View
448653	40982	CVE-2009-3547	URL:https://rhn.redhat.com/errata/RHSA-2009-1548.html	View
448654	40982	CVE-2009-3547	REDHAT:RHSA-2009:1550	View
448655	40982	CVE-2009-3547	URL:https://rhn.redhat.com/errata/RHSA-2009-1550.html	View
448656	40982	CVE-2009-3547	REDHAT:RHSA-2009:1672	View
448657	40982	CVE-2009-3547	URL:http://www.redhat.com/support/errata/RHSA-2009-1672.html	View
448658	40982	CVE-2009-3547	SUSE:SUSE-SA:2009:054	View
448659	40982	CVE-2009-3547	URL:http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html	View
448660	40982	CVE-2009-3547	SUSE:SUSE-SA:2009:056	View
448661	40982	CVE-2009-3547	URL:http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html	View
448662	40982	CVE-2009-3547	SUSE:SUSE-SA:2010:001	View
448663	40982	CVE-2009-3547	URL:http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html	View
448664	40982	CVE-2009-3547	SUSE:SUSE-SA:2010:012	View
448665	40982	CVE-2009-3547	URL:http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html	View
448666	40982	CVE-2009-3547	UBUNTU:USN-864-1	View
448667	40982	CVE-2009-3547	URL:http://www.ubuntu.com/usn/usn-864-1	View
448668	40982	CVE-2009-3547	BID:36901	View
448669	40982	CVE-2009-3547	URL:http://www.securityfocus.com/bid/36901	View
448670	40982	CVE-2009-3547	OVAL:oval:org.mitre.oval:def:11513	View
448671	40982	CVE-2009-3547	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11513	View
448672	40982	CVE-2009-3547	OVAL:oval:org.mitre.oval:def:7608	View
448673	40982	CVE-2009-3547	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7608	View
448674	40982	CVE-2009-3547	OVAL:oval:org.mitre.oval:def:9327	View
448675	40982	CVE-2009-3547	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9327	View
448676	40982	CVE-2009-3547	SECUNIA:37351	View
448677	40982	CVE-2009-3547	URL:http://secunia.com/advisories/37351	View
448678	40982	CVE-2009-3547	SECUNIA:38017	View
448679	40982	CVE-2009-3547	URL:http://secunia.com/advisories/38017	View
448680	40982	CVE-2009-3547	SECUNIA:38794	View
448681	40982	CVE-2009-3547	URL:http://secunia.com/advisories/38794	View
448682	40982	CVE-2009-3547	SECUNIA:38834	View
448683	40982	CVE-2009-3547	URL:http://secunia.com/advisories/38834	View
448684	40982	CVE-2009-3547	VUPEN:ADV-2010-0528	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
45378	JVNDB-2009-006385	Wireshark の SMB 解析子におけるサービス運用妨害 (DoS) の脆弱性	Wireshark の SMB 解析子の packet-smb.c の dissect_negprot_response 関数は、一つずれエラー (Off-by-one) が発生するため、サービス運用妨害 (アプリケーションクラッシュ) 状態となる脆弱性が存在します。	CVE-2009-3551	40982	5		http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-006385.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.33 MB
View render complete	2.83 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.78
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	438.46
Event: Controller.beforeRender	5.77
» Processing toolbar data	5.67
Rendering View	18.96
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	17.84
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.64
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.10
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/40982
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/40982
Remote Port	21665
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.32
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.116.192
Http Via	1.1 squid-proxy-5b5d847c96-xmlgh (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.32
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.32
Unique Id	aOdFchKsm0vHw1N4tkKPiAAAACA
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.32
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.32
Redirect Unique Id	aOdFchKsm0vHw1N4tkKPiAAAACA
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.32
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.32
Redirect Redirect Unique Id	aOdFchKsm0vHw1N4tkKPiAAAACA
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759987058.4693
Request Time	1759987058

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files