CVE-2009-3547

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad3960243e55320d74195fb85c975e0a8cc4466c

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

http://lists.vmware.com/pipermail/security-announce/2010/000082.html

http://lkml.org/lkml/2009/10/14/184

http://lkml.org/lkml/2009/10/21/42

http://marc.info/?l=oss-security&m=125724568017045&w=2

http://secunia.com/advisories/37351

http://secunia.com/advisories/38017

http://secunia.com/advisories/38794

http://secunia.com/advisories/38834

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6

http://www.mandriva.com/security/advisories?name=MDVSA-2009:329

http://www.redhat.com/support/errata/RHSA-2009-1672.html

http://www.securityfocus.com/archive/1/512019/100/0/threaded

http://www.securityfocus.com/bid/36901

http://www.ubuntu.com/usn/usn-864-1

http://www.vupen.com/english/advisories/2010/0528

https://bugzilla.redhat.com/show_bug.cgi?id=530490

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327

https://rhn.redhat.com/errata/RHSA-2009-1540.html

https://rhn.redhat.com/errata/RHSA-2009-1541.html

https://rhn.redhat.com/errata/RHSA-2009-1548.html

https://rhn.redhat.com/errata/RHSA-2009-1550.html

https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html

Details

Source: MITRE

Published: 2009-11-04

Updated: 2020-08-12

Type: CWE-362

Risk Information

CVSS v2

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3

Base Score: 7

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 2.6.31.14 (inclusive)

cpe:2.3:o:linux:linux_kernel:2.6.32:-:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.32:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*

cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*

Tenable Plugins

View all (36 total)

IDNameProductFamilySeverity
89740VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check)NessusVMware ESX Local Security Checks
critical
89737VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0004) (remote check)NessusVMware ESX Local Security Checks
high
79507OracleVM 2.2 : kernel (OVMSA-2013-0039)NessusOracleVM Local Security Checks
high
79470OracleVM 2.2 : kernel (OVMSA-2009-0033)NessusOracleVM Local Security Checks
high
67955Oracle Linux 3 : kernel (ELSA-2009-1550)NessusOracle Linux Local Security Checks
high
67953Oracle Linux 5 : kernel (ELSA-2009-1548)NessusOracle Linux Local Security Checks
high
67952Oracle Linux 4 : kernel (ELSA-2009-1541)NessusOracle Linux Local Security Checks
high
67070CentOS 3 : kernel (CESA-2009:1550)NessusCentOS Local Security Checks
high
67068CentOS 5 : kernel (CESA-2009:1548)NessusCentOS Local Security Checks
high
67067CentOS 4 : kernel (CESA-2009:1541)NessusCentOS Local Security Checks
high
65044Scientific Linux Security Update : kernel on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
63910RHEL 5 : kernel (RHSA-2009:1672)NessusRed Hat Local Security Checks
high
63902RHEL 4 : kernel (RHSA-2009:1588)NessusRed Hat Local Security Checks
medium
63901RHEL 5 : kernel (RHSA-2009:1587)NessusRed Hat Local Security Checks
high
60689Scientific Linux Security Update : kernel on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60688Scientific Linux Security Update : kernel on SL3.x i386/x86_64NessusScientific Linux Local Security Checks
high
59140SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6636)NessusSuSE Local Security Checks
high
48161Mandriva Linux Security Advisory : kernel (MDVSA-2009:329)NessusMandriva Local Security Checks
high
47150VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernelNessusVMware ESX Local Security Checks
high
46765VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updatesNessusVMware ESX Local Security Checks
high
44993VMSA-2010-0004 : ESX Service Console and vMA third-party updatesNessusVMware ESX Local Security Checks
high
44794Debian DSA-1929-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leakNessusDebian Local Security Checks
high
44793Debian DSA-1928-1 : linux-2.6.24 - privilege escalation/denial of service/sensitive memory leakNessusDebian Local Security Checks
high
44792Debian DSA-1927-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leakNessusDebian Local Security Checks
high
44621openSUSE Security Update : kernel (kernel-1908)NessusSuSE Local Security Checks
critical
43631SuSE 11.2 Security Update: kernel (2009-12-18)NessusSuSE Local Security Checks
high
43026Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : linux, linux-source-2.6.15 vulnerabilities (USN-864-1)NessusUbuntu Local Security Checks
high
42990SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1581 / 1588 / 1591)NessusSuSE Local Security Checks
high
42952openSUSE Security Update : kernel (kernel-1593)NessusSuSE Local Security Checks
high
42812SuSE9 Security Update : Linux kernel (YOU Patch Number 12541)NessusSuSE Local Security Checks
high
42465SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6632)NessusSuSE Local Security Checks
high
42402Fedora 10 : kernel-2.6.27.38-170.2.113.fc10 (2009-11038)NessusFedora Local Security Checks
high
42400Fedora 11 : kernel-2.6.30.9-96.fc11 (2009-11032)NessusFedora Local Security Checks
high
42360RHEL 3 : kernel (RHSA-2009:1550)NessusRed Hat Local Security Checks
high
42358RHEL 5 : kernel (RHSA-2009:1548)NessusRed Hat Local Security Checks
high
42357RHEL 4 : kernel (RHSA-2009:1541)NessusRed Hat Local Security Checks
high