7.2
CVE-2009-3080
- EPSS 0.07%
- Published 20.11.2009 17:30:00
- Last modified 09.04.2025 00:30:58
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version <= 2.6.31.6
Linux ≫ Linux Kernel Version2.6.32 Update-
Linux ≫ Linux Kernel Version2.6.32 Updaterc1
Linux ≫ Linux Kernel Version2.6.32 Updaterc3
Linux ≫ Linux Kernel Version2.6.32 Updaterc4
Linux ≫ Linux Kernel Version2.6.32 Updaterc5
Suse ≫ Linux Enterprise Desktop Version10 Updatesp2
Suse ≫ Linux Enterprise Desktop Version10 Updatesp3
Suse ≫ Linux Enterprise Server Version10 Updatesp2 SwEdition-
Suse ≫ Linux Enterprise Server Version10 Updatesp3 SwEdition-
Debian ≫ Debian Linux Version4.0
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version8.04
Canonical ≫ Ubuntu Linux Version8.10
Canonical ≫ Ubuntu Linux Version9.04
Canonical ≫ Ubuntu Linux Version9.10
Redhat ≫ Virtualization Version5.0
Redhat ≫ Enterprise Linux Desktop Version5.0
Redhat ≫ Enterprise Linux Eus Version5.4
Redhat ≫ Enterprise Linux Server Version5.0
Redhat ≫ Enterprise Linux Server Workstation Version5.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.185 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.