4.9

CVE-2009-0269

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.28.1
OpensuseOpensuse Version10.3
OpensuseOpensuse Version11.0
OpensuseOpensuse Version11.1
DebianDebian Linux Version4.0
DebianDebian Linux Version5.0
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04
CanonicalUbuntu Linux Version8.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.5% 0.389
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://secunia.com/advisories/37471
Broken Link
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3316
Broken Link
http://secunia.com/advisories/33758
Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0326.html
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
Mailing List
http://secunia.com/advisories/35390
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html
Mailing List
http://secunia.com/advisories/34981
Broken Link
http://www.debian.org/security/2009/dsa-1787
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
Mailing List
http://secunia.com/advisories/34394
Broken Link
http://secunia.com/advisories/35394
Broken Link
http://www.debian.org/security/2009/dsa-1749
Mailing List
http://www.ubuntu.com/usn/usn-751-1
Third Party Advisory
http://secunia.com/advisories/34502
Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0360.html
Broken Link
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4
Broken Link
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:118
Broken Link
http://www.securityfocus.com/bid/33412
Patch
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/48188
Broken Link
VDB Entry
https://lists.launchpad.net/ecryptfs-devel/msg00010.html
Third Party Advisory
Mailing List
https://lists.launchpad.net/ecryptfs-devel/msg00011.html
Third Party Advisory
Mailing List
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8169
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8944
Broken Link