CVE-2009-0935

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.

CVSS v3 5.5 MEDIUM
CVSS v2.0 4.7 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.7^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 3.4 / Impact : 6.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=linux-kernel&m=123337123501681&w=2	Mailing List Patch
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3	Broken Link
http://www.openwall.com/lists/oss-security/2009/03/06/2	Mailing List Patch
http://www.openwall.com/lists/oss-security/2009/03/18/5	Mailing List
http://www.openwall.com/lists/oss-security/2009/03/19/2	Mailing List
http://www.securityfocus.com/bid/33624	Broken Link Patch Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=488935	Issue Tracking Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/49331	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:2.6.29:rc3::::::

History

No history.

Information

Published : 2009-03-18 02:00

Updated : 2024-02-09 00:39

NVD link : CVE-2009-0935

Mitre link : CVE-2009-0935

CVE.ORG link : CVE-2009-0935

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-667

Improper Locking

{"id": "CVE-2009-0935", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.7, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2009-03-18T02:00:08.157", "references": [{"url": "http://marc.info/?l=linux-kernel&m=123337123501681&w=2", "tags": ["Mailing List", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2009/03/06/2", "tags": ["Mailing List", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2009/03/18/5", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2009/03/19/2", "tags": ["Mailing List"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/33624", "tags": ["Broken Link", "Patch", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=488935", "tags": ["Issue Tracking", "Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49331", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-667"}]}], "descriptions": [{"lang": "en", "value": "The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance."}, {"lang": "es", "value": "La funci\u00f3n inotify_read en el kernel de Linux versiones 2.6.27 hasta 2.6.27.13, 2.6.28 hasta 2.6.28.2 y 2.6.29-rc3, permite a los usuarios locales causar una denegaci\u00f3n de servicio (OOPS) por medio de una lectura con una direcci\u00f3n no v\u00e1lida en una instancia inotify, lo que causa que la exclusi\u00f3n mutua de la lista de eventos del dispositivo se desbloquee dos veces e impida la sincronizaci\u00f3n apropiada de una estructura de datos para la instancia inotify."}], "lastModified": "2024-02-09T00:39:40.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "959E86DD-3F82-4BFC-9190-B63FC5B79507", "versionEndIncluding": "2.6.27.13", "versionStartIncluding": "2.6.27"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3421BB9A-F9FC-4BDD-B72B-1DF16DA121A1", "versionEndIncluding": "2.6.28.2", "versionStartIncluding": "2.6.28"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92058AE0-2E52-4304-B4C6-871AB1CE42DF"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, or Red Hat Enterprise MRG.", "lastModified": "2009-04-15T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "cve@mitre.org"}