Published: 27/02/2009 Updated: 07/11/2023

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 prior to 2.6.27.19 and 2.6.28 prior to 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause a denial of service (OOPS) by arranging for crafted values to be present in available memory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.27.12
linux linux kernel 2.6.27.3
linux linux kernel 2.6.27.1
linux linux kernel 2.6.27.18
linux linux kernel 2.6.27.10
linux linux kernel 2.6.27.17
linux linux kernel 2.6.28.4
linux linux kernel 2.6.27.16
linux linux kernel 2.6.28.2
linux linux kernel 2.6.27.4
linux linux kernel 2.6.27
linux linux kernel 2.6.28.5
linux linux kernel 2.6.27.13
linux linux kernel 2.6.27.15
linux linux kernel 2.6.27.8
linux linux kernel 2.6.27.9
linux linux kernel 2.6.28.3
linux linux kernel 2.6.27.5
linux linux kernel 2.6.27.7
linux linux kernel 2.6.28.6
linux linux kernel 2.6.27.2
linux linux kernel 2.6.27.11
linux linux kernel 2.6.28.1
linux linux kernel 2.6.27.6
linux linux kernel 2.6.27.14
linux linux kernel 2.6.28

NFS did not correctly handle races between fcntl and interrupts A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service Ubuntu 810 was not affected (CVE-2008-4307) ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that al ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-4307 Bryn M Reeves reported a denial of service in the NFS filesystem Local users can trigger a kernel BUG() due to a r ...

CWE-20 http://www.vupen.com/english/advisories/2009/0509 http://bugzilla.kernel.org/show_bug.cgi?id=12433 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.19 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.7 http://www.debian.org/security/2009/dsa-1749 http://secunia.com/advisories/34394 http://www.ubuntu.com/usn/usn-751-1 http://secunia.com/advisories/34981 http://www.debian.org/security/2009/dsa-1787 http://www.vupen.com/english/advisories/2009/3316 http://secunia.com/advisories/37471 http://www.vmware.com/security/advisories/VMSA-2009-0016.html http://secunia.com/advisories/36562 http://rhn.redhat.com/errata/RHSA-2009-1243.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7765 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10942 http://www.securityfocus.com/archive/1/507985/100/0/threaded http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fdff73f094e7220602cc3f8959c7230517976412 https://nvd.nist.gov https://usn.ubuntu.com/751-1/

CVE-2009-0745

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect