NVD

Id
50747  
Name
CVE-2009-3547  
Description
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.  
Reject
 
CVSS Version
2  
CVSS Score
6.9  
Severity
Medium  
CVSS Base Score
6.9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-11-04  
Modified Date
2013-08-20  
Seq
2009-3547  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
256353 50747 CVE-2009-3547 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad3960243e55320d74195fb85c975e0a8cc4466c  View
256354 50747 CVE-2009-3547 SUSE-SA:2009:054  View
256355 50747 CVE-2009-3547 SUSE-SA:2009:056  View
256356 50747 CVE-2009-3547 SUSE-SA:2010:001  View
256357 50747 CVE-2009-3547 SUSE-SA:2010:012  View
256358 50747 CVE-2009-3547 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates  View
256359 50747 CVE-2009-3547 [linux-kernel] 20091014 fs/pipe.c null pointer dereference  View
256360 50747 CVE-2009-3547 [linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs  View
256361 50747 CVE-2009-3547 [oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference  View
256362 50747 CVE-2009-3547 oval:org.mitre.oval:def:11513  View
256363 50747 CVE-2009-3547 oval:org.mitre.oval:def:7608  View
256364 50747 CVE-2009-3547 oval:org.mitre.oval:def:9327  View
256365 50747 CVE-2009-3547 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6  View
256366 50747 CVE-2009-3547 MDVSA-2009:329  View
256367 50747 CVE-2009-3547 RHSA-2009:1672  View
256368 50747 CVE-2009-3547 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel  View
256369 50747 CVE-2009-3547 36901  View
256370 50747 CVE-2009-3547 USN-864-1  View
256371 50747 CVE-2009-3547 ADV-2010-0528  View
256372 50747 CVE-2009-3547 https://bugzilla.redhat.com/show_bug.cgi?id=530490  View
256373 50747 CVE-2009-3547 RHSA-2009:1540  View
256374 50747 CVE-2009-3547 RHSA-2009:1541  View
256375 50747 CVE-2009-3547 RHSA-2009:1548  View
256376 50747 CVE-2009-3547 RHSA-2009:1550  View
256377 50747 CVE-2009-3547 FEDORA-2009-11038  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
41310 JVNDB-2009-002317 Linux kernel における競合状態の脆弱性 Linux kernel には、/proc/*/fd/ パス名を通して匿名パイプを開こうとすることによる競合状態の脆弱性が存在します。 CVE-2009-3547 40978 CVE-2009-3547 50747 6.9 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002317.html 2009-11-03 2010-02-16 View