CVSSv2: 6.9

CVE-2009-3547

Published: 04/11/2009 Updated: 15/02/2024
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 715
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple race conditions in fs/pipe.c in the Linux kernel prior to 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

Vulnerable Products

linux linux kernel 2.6.32

linux linux kernel

novell linux desktop 9

opensuse opensuse 11.0

opensuse opensuse 11.2

suse suse linux enterprise server 10

suse suse linux enterprise desktop 10

canonical ubuntu linux 9.04

canonical ubuntu linux 8.10

canonical ubuntu linux 9.10

canonical ubuntu linux 8.04

canonical ubuntu linux 6.06

fedoraproject fedora 10

vmware esx 4.0

vmware vma 4.0

redhat enterprise linux server 5.0

redhat enterprise linux desktop 3.0

redhat enterprise linux workstation 5.0

redhat enterprise linux desktop 4.0

redhat enterprise linux desktop 5.0

redhat enterprise linux server 4.0

redhat enterprise linux workstation 4.0

redhat enterprise linux eus 5.4

redhat enterprise linux workstation 3.0

redhat enterprise linux server 3.0

redhat enterprise linux eus 4.8

redhat mrg realtime 1.0

Vendor Advisories

It was discovered that the AX25 network subsystem did not correctly check integer signedness in certain setsockopt calls. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 9.10 was not affected. (CVE-2009-2909) ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Lo ...

Exploits

Linux kernel versions 2.6.10 up to but not including 2.6.31.5 pipe.c privilege escalation exploit ...
/* EDB Note: Updated exploit ~ www.exploit-db.com/exploits/33322/ source: www.securityfocus.com/bid/36901/info Linux kernel is prone to a local privilege-escalation vulnerability that is caused by a NULL-pointer dereference. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful e ...
/* source: www.securityfocus.com/bid/36901/info Linux kernel is prone to a local privilege-escalation vulnerability that is caused by a NULL-pointer dereference. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers ...
# This is a PoC based off the PoC release by Earl Chew # Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability # PoC by Matthew Bergin # Bugtraq ID: 36901 # # E-DB Note: Exploit Update ~ github.com/offensive-security/exploitdb/pull/82/files import os import time import random #infinite loop i = 0 x = 0 while (i == 0): ...
/* exp_moosecox.c Watch a video of the exploit here: www.youtube.com/watch?v=jt81NvaOj5Y developed entirely by Ingo Molnar (exploit writer extraordinaire!), thanks to Fotis Loukos for pointing the bug out to me -- neat bug! :) dedicated to the Red Hat employees who get paid to copy+paste my twitter and issue security a ...
while : ; do { echo y ; sleep 1 ; } | { while read ; do echo z$REPLY; done ; } & PID=$! OUT=$(ps -efl | grep 'sleep 1' | grep -v grep | { read PID REST ; echo $PID; } ) OUT="${OUT%% *}" DELAY=$((RANDOM * 1000 / 32768)) usleep $((DELAY * 1000 + RANDOM % 1000 )) echo n > /proc/$OUT/fd/1 # Trigger de ...

Github Repositories

IS01(Deckard) Hack

is01hack: source code of the IS01 hack-related programs I wrote some time ago. modules_enabler: a kernel module that is loaded with insmod. modules_enabler+: does roughly the same thing as modules_enabler by using the pipe(2) vulnerability (CVE-2009-3547). recovery_kit: source of the recovery binaries that are placed in the boot partition.

References

CWE-362
CWE-476
CWE-672
https://rhn.redhat.com/errata/RHSA-2009-1540.html
http://lkml.org/lkml/2009/10/21/42
http://www.securityfocus.com/bid/36901
http://lkml.org/lkml/2009/10/14/184
https://bugzilla.redhat.com/show_bug.cgi?id=530490
http://marc.info/?l=oss-security&m=125724568017045&w=2
https://rhn.redhat.com/errata/RHSA-2009-1548.html
https://rhn.redhat.com/errata/RHSA-2009-1541.html
https://rhn.redhat.com/errata/RHSA-2009-1550.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html
http://secunia.com/advisories/37351
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
http://www.redhat.com/support/errata/RHSA-2009-1672.html
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
http://secunia.com/advisories/38017
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://www.ubuntu.com/usn/usn-864-1
http://secunia.com/advisories/38794
http://www.vupen.com/english/advisories/2010/0528
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://secunia.com/advisories/38834
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513
http://www.securityfocus.com/archive/1/512019/100/0/threaded
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c
https://usn.ubuntu.com/864-1/
https://nvd.nist.gov
https://www.exploit-db.com/exploits/33321/