Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2009-0748

Published: 27/02/2009 Updated: 07/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux Kernel

Vulnerability Summary

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2.6.27 prior to 2.6.27.19 and 2.6.28 prior to 2.6.28.7 does not validate the superblock configuration, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) by attempting to mount a crafted ext4 filesystem.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 2.6.27.12

linux linux kernel 2.6.28

linux linux kernel 2.6.27.3

linux linux kernel 2.6.27.1

linux linux kernel 2.6.27.18

linux linux kernel 2.6.27

linux linux kernel 2.6.27.10

linux linux kernel 2.6.27.17

linux linux kernel 2.6.28.4

linux linux kernel 2.6.27.16

linux linux kernel 2.6.28.2

linux linux kernel 2.6.27.4

linux linux kernel 2.6.28.5

linux linux kernel 2.6.27.13

linux linux kernel 2.6.27.15

linux linux kernel 2.6.27.8

linux linux kernel 2.6.27.9

linux linux kernel 2.6.28.3

linux linux kernel 2.6.27.5

linux linux kernel 2.6.27.7

linux linux kernel 2.6.28.6

linux linux kernel 2.6.27.2

linux linux kernel 2.6.27.11

linux linux kernel 2.6.28.1

linux linux kernel 2.6.27.6

linux linux kernel 2.6.27.14

Vendor Advisories

Ubuntu Security Notice: linux, linux-source-2.6.22 vulnerabilities
NFS did not correctly handle races between fcntl and interrupts A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service Ubuntu 810 was not affected (CVE-2008-4307) ...
Debian Security Advisories: DSA-1749-1 linux-2.6 -- denial of service/privilege escalation/sensitive memory leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that al ...

References

CWE-20http://www.vupen.com/english/advisories/2009/0509http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.19http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.7http://bugzilla.kernel.org/show_bug.cgi?id=12371http://www.debian.org/security/2009/dsa-1749http://secunia.com/advisories/34394http://www.ubuntu.com/usn/usn-751-1http://www.vupen.com/english/advisories/2009/3316http://www.vmware.com/security/advisories/VMSA-2009-0016.htmlhttp://secunia.com/advisories/37471http://osvdb.org/52203http://secunia.com/advisories/36562http://rhn.redhat.com/errata/RHSA-2009-1243.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8526https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10683http://www.securityfocus.com/archive/1/507985/100/0/threadedhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ec110281379826c5cf6ed14735e47027c3c5765https://nvd.nist.govhttps://usn.ubuntu.com/751-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook