4.9
CVSSv2

CVE-2009-3620

Published: 22/10/2009 Updated: 19/09/2017
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

The ATI Rage 128 (aka r128) driver in the Linux kernel prior to 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.

Affected Products

Vendor Product Versions
LinuxLinux Kernel2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.8.1, 2.6.9, 2.6.10, 2.6.11, 2.6.11.1, 2.6.11.2, 2.6.11.3, 2.6.11.4, 2.6.11.5, 2.6.11.6, 2.6.11.7, 2.6.11.8, 2.6.11.9, 2.6.11.10, 2.6.11.11, 2.6.11.12, 2.6.12, 2.6.12.1, 2.6.12.2, 2.6.12.3, 2.6.12.4, 2.6.12.5, 2.6.12.6, 2.6.13, 2.6.13.1, 2.6.13.2, 2.6.13.3, 2.6.13.4, 2.6.13.5, 2.6.14, 2.6.14.1, 2.6.14.2, 2.6.14.3, 2.6.14.4, 2.6.14.5, 2.6.14.6, 2.6.14.7, 2.6.15, 2.6.15.1, 2.6.15.2, 2.6.15.3, 2.6.15.4, 2.6.15.5, 2.6.15.6, 2.6.15.7, 2.6.16, 2.6.16.1, 2.6.16.2, 2.6.16.3, 2.6.16.4, 2.6.16.5, 2.6.16.6, 2.6.16.7, 2.6.16.8, 2.6.16.9, 2.6.16.10, 2.6.16.11, 2.6.16.12, 2.6.16.13, 2.6.16.14, 2.6.16.15, 2.6.16.16, 2.6.16.17, 2.6.16.18, 2.6.16.19, 2.6.16.20, 2.6.16.21, 2.6.16.22, 2.6.16.23, 2.6.16.24, 2.6.16.25, 2.6.16.26, 2.6.16.27, 2.6.16.28, 2.6.16.29, 2.6.16.30, 2.6.16.31, 2.6.16.32, 2.6.16.33, 2.6.16.34, 2.6.16.35, 2.6.16.36, 2.6.16.37, 2.6.16.38, 2.6.16.39, 2.6.16.40, 2.6.16.41, 2.6.16.42, 2.6.16.43, 2.6.16.44, 2.6.16.45, 2.6.16.46, 2.6.16.47, 2.6.16.48, 2.6.16.49, 2.6.16.50, 2.6.16.51, 2.6.16.52, 2.6.16.53, 2.6.16.54, 2.6.16.55, 2.6.16.56, 2.6.16.57, 2.6.16.58, 2.6.16.59, 2.6.16.60, 2.6.16.61, 2.6.16.62, 2.6.17, 2.6.17.1, 2.6.17.2, 2.6.17.3, 2.6.17.4, 2.6.17.5, 2.6.17.6, 2.6.17.7, 2.6.17.8, 2.6.17.9, 2.6.17.10, 2.6.17.11, 2.6.17.12, 2.6.17.13, 2.6.17.14, 2.6.18, 2.6.18.1, 2.6.18.2, 2.6.18.3, 2.6.18.4, 2.6.18.5, 2.6.18.6, 2.6.18.7, 2.6.18.8, 2.6.19, 2.6.19.1, 2.6.19.2, 2.6.19.3, 2.6.19.4, 2.6.19.5, 2.6.19.6, 2.6.19.7, 2.6.20, 2.6.20.1, 2.6.20.2, 2.6.20.3, 2.6.20.4, 2.6.20.5, 2.6.20.6, 2.6.20.7, 2.6.20.8, 2.6.20.9, 2.6.20.10, 2.6.20.11, 2.6.20.12, 2.6.20.13, 2.6.20.14, 2.6.20.15, 2.6.20.16, 2.6.20.17, 2.6.20.18, 2.6.20.19, 2.6.20.20, 2.6.20.21, 2.6.21, 2.6.21.1, 2.6.21.2, 2.6.21.3, 2.6.21.4, 2.6.21.5, 2.6.21.6, 2.6.21.7, 2.6.22, 2.6.22.1, 2.6.22.2, 2.6.22.3, 2.6.22.4, 2.6.22.5, 2.6.22.6, 2.6.22.7, 2.6.22.8, 2.6.22.9, 2.6.22.10, 2.6.22.11, 2.6.22.12, 2.6.22.13, 2.6.22.14, 2.6.22.15, 2.6.22.16, 2.6.22.17, 2.6.22.18, 2.6.22.19, 2.6.23, 2.6.23.1, 2.6.23.2, 2.6.23.3, 2.6.23.4, 2.6.23.5, 2.6.23.6, 2.6.23.7, 2.6.23.8, 2.6.23.9, 2.6.23.10, 2.6.23.11, 2.6.23.12, 2.6.23.13, 2.6.23.14, 2.6.23.15, 2.6.23.16, 2.6.23.17, 2.6.24, 2.6.24.1, 2.6.24.2, 2.6.24.3, 2.6.24.4, 2.6.24.5, 2.6.24.6, 2.6.24.7, 2.6.25, 2.6.25.1, 2.6.25.2, 2.6.25.3, 2.6.25.4, 2.6.25.5, 2.6.25.6, 2.6.25.7, 2.6.25.8, 2.6.25.9, 2.6.25.10, 2.6.25.11, 2.6.25.12, 2.6.25.13, 2.6.25.14, 2.6.25.15, 2.6.25.16, 2.6.25.17, 2.6.25.18, 2.6.25.19, 2.6.25.20, 2.6.26, 2.6.26.1, 2.6.26.2, 2.6.26.3, 2.6.26.4, 2.6.26.5, 2.6.26.6, 2.6.26.7, 2.6.26.8, 2.6.27, 2.6.27.1, 2.6.27.2, 2.6.27.3, 2.6.27.4, 2.6.27.5, 2.6.27.6, 2.6.27.7, 2.6.27.8, 2.6.27.9, 2.6.27.10, 2.6.27.11, 2.6.27.12, 2.6.27.13, 2.6.27.14, 2.6.27.15, 2.6.27.16, 2.6.27.17, 2.6.27.18, 2.6.27.19, 2.6.27.20, 2.6.27.21, 2.6.27.22, 2.6.27.23, 2.6.27.24, 2.6.27.25, 2.6.27.26, 2.6.27.27, 2.6.27.28, 2.6.27.29, 2.6.27.30, 2.6.27.31, 2.6.27.32, 2.6.27.33, 2.6.27.34, 2.6.27.35, 2.6.27.36, 2.6.27.37, 2.6.28, 2.6.28.1, 2.6.28.2, 2.6.28.3, 2.6.28.4, 2.6.28.5, 2.6.28.6, 2.6.28.7, 2.6.28.8, 2.6.28.9, 2.6.28.10, 2.6.29, 2.6.29.1, 2.6.29.2, 2.6.29.3, 2.6.29.4, 2.6.29.5, 2.6.29.6, 2.6.30, 2.6.30.1, 2.6.30.2, 2.6.30.3, 2.6.30.4, 2.6.30.5, 2.6.30.6, 2.6.30.7, 2.6.30.8, 2.6.30.9, 2.6.31, 2.6.31.1

Vendor Advisories

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Secu ...
It was discovered that the AX25 network subsystem did not correctly check integer signedness in certain setsockopt calls A local attacker could exploit this to crash the system, leading to a denial of service Ubuntu 910 was not affected (CVE-2009-2909) ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture Lo ...
VMware ESX 400 without patches ESX400-201002404-SG, ESX400-201002407-SG, ESX400-201002406-SG, ESX400-201005403-SG, ESX400-201005404-SG ...

References

CWE-20http://article.gmane.org/gmane.linux.kernel/892259http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7dc482dfeeeefcfd000d4271c4626937406756d7http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.htmlhttp://lists.vmware.com/pipermail/security-announce/2010/000082.htmlhttp://secunia.com/advisories/36707http://secunia.com/advisories/37909http://secunia.com/advisories/38794http://secunia.com/advisories/38834http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.loghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:088http://www.mandriva.com/security/advisories?name=MDVSA-2010:198http://www.openwall.com/lists/oss-security/2009/10/19/1http://www.openwall.com/lists/oss-security/2009/10/19/3http://www.redhat.com/support/errata/RHSA-2009-1670.htmlhttp://www.redhat.com/support/errata/RHSA-2009-1671.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0882.htmlhttp://www.securityfocus.com/bid/36824http://www.ubuntu.com/usn/usn-864-1http://www.vupen.com/english/advisories/2010/0528https://bugzilla.redhat.com/show_bug.cgi?id=529597https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891https://rhn.redhat.com/errata/RHSA-2009-1540.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.htmlhttps://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2009-3620http://tools.cisco.com/security/center/viewAlert.x?alertId=19252https://nvd.nist.govhttps://usn.ubuntu.com/864-1/