CVE-2009-0269

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-0269
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.

4.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 Broken Link
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html Mailing List
http://secunia.com/advisories/33758 Broken Link
http://secunia.com/advisories/34394 Broken Link
http://secunia.com/advisories/34502 Broken Link
http://secunia.com/advisories/34981 Broken Link
http://secunia.com/advisories/35390 Broken Link
http://secunia.com/advisories/35394 Broken Link
http://secunia.com/advisories/37471 Broken Link
http://www.debian.org/security/2009/dsa-1749 Mailing List
http://www.debian.org/security/2009/dsa-1787 Mailing List
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:118 Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0326.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0360.html Broken Link
http://www.securityfocus.com/archive/1/507985/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/33412 Broken Link Patch Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-751-1 Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0016.html Third Party Advisory
http://www.vupen.com/english/advisories/2009/3316 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/48188 Broken Link VDB Entry
https://lists.launchpad.net/ecryptfs-devel/msg00010.html Mailing List Third Party Advisory
https://lists.launchpad.net/ecryptfs-devel/msg00011.html Mailing List Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944 Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
History

09 Feb 2024, 03:26

Type Values Removed Values Added
References (SECUNIA) http://secunia.com/advisories/34394 - (SECUNIA) http://secunia.com/advisories/34394 - Broken Link
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html - Mailing List
References (MLIST) https://lists.launchpad.net/ecryptfs-devel/msg00010.html - (MLIST) https://lists.launchpad.net/ecryptfs-devel/msg00010.html - Mailing List, Third Party Advisory
References (MLIST) https://lists.launchpad.net/ecryptfs-devel/msg00011.html - (MLIST) https://lists.launchpad.net/ecryptfs-devel/msg00011.html - Mailing List, Third Party Advisory
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2009:118 - (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2009:118 - Broken Link
References (UBUNTU) http://www.ubuntu.com/usn/usn-751-1 - (UBUNTU) http://www.ubuntu.com/usn/usn-751-1 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/35394 - (SECUNIA) http://secunia.com/advisories/35394 - Broken Link
References (SECUNIA) http://secunia.com/advisories/35390 - (SECUNIA) http://secunia.com/advisories/35390 - Broken Link
References () http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 - () http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 - Broken Link
References (BID) http://www.securityfocus.com/bid/33412 - Patch (BID) http://www.securityfocus.com/bid/33412 - Broken Link, Patch, Third Party Advisory, VDB Entry
References (CONFIRM) http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1 - (CONFIRM) http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1 - Broken Link
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/48188 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/48188 - Broken Link, VDB Entry
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-0360.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-0360.html - Broken Link
References (SECUNIA) http://secunia.com/advisories/33758 - (SECUNIA) http://secunia.com/advisories/33758 - Broken Link
References (DEBIAN) http://www.debian.org/security/2009/dsa-1787 - (DEBIAN) http://www.debian.org/security/2009/dsa-1787 - Mailing List
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html - Mailing List
References (DEBIAN) http://www.debian.org/security/2009/dsa-1749 - (DEBIAN) http://www.debian.org/security/2009/dsa-1749 - Mailing List
References (SECUNIA) http://secunia.com/advisories/37471 - (SECUNIA) http://secunia.com/advisories/37471 - Broken Link
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169 - Broken Link
References (VUPEN) http://www.vupen.com/english/advisories/2009/3316 - (VUPEN) http://www.vupen.com/english/advisories/2009/3316 - Broken Link
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-0326.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-0326.html - Broken Link
References (BUGTRAQ) http://www.securityfocus.com/archive/1/507985/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/34981 - (SECUNIA) http://secunia.com/advisories/34981 - Broken Link
References (SECUNIA) http://secunia.com/advisories/34502 - (SECUNIA) http://secunia.com/advisories/34502 - Broken Link
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html - Mailing List
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944 - Broken Link
References (CONFIRM) http://www.vmware.com/security/advisories/VMSA-2009-0016.html - (CONFIRM) http://www.vmware.com/security/advisories/VMSA-2009-0016.html - Third Party Advisory
CPE cpe:2.3:o:linux:linux_kernel:2.6.25:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24_rc5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22_rc7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.26.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.26:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.26.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22_rc1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24_rc4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:x86_64:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24_rc1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.23_rc1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:x86_64:*:*:*:*:*		 cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
First Time Canonical
Canonical ubuntu Linux
Debian debian Linux
Debian
Opensuse opensuse
Opensuse
CWE CWE-399 CWE-787

07 Nov 2023, 02:03

Type Values Removed Values Added
References
  • {'url': 'http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=a17d5232de7b53d34229de79ec22f4bb04adb7e4', 'name': 'http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git;a=commit;h=a17d5232de7b53d34229de79ec22f4bb04adb7e4', 'tags': [], 'refsource': 'CONFIRM'}
  • () http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4 -
Information

Published : 2009-01-26 15:30

Updated : 2024-02-28 11:21

NVD link : CVE-2009-0269

Mitre link : CVE-2009-0269

CVE.ORG link : CVE-2009-0269

JSON object : View

Products Affected

opensuse

  • opensuse

linux

  • linux_kernel

debian

  • debian_linux

canonical

  • ubuntu_linux
CWE
CWE-787

Out-of-bounds Write


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024