Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:12454
HistoryOct 12, 2009 - 12:00 a.m.

Linux Kernel eCryptfs空指针引用本地拒绝服务漏洞

2009-10-1200:00:00
Root
www.seebug.org
25

0.0004 Low

EPSS

Percentile

10.3%

JSON

BUGTRAQ ID: 36639
CVE ID: CVE-2009-2908

Linux Kernel是开放源码操作系统Linux所使用的内核。

在对低位的dentry调用vfs_unlink()时,如果d_count为1则d_delete()会将dentry转换为负数的dentry。在执行read()或write()时ecryptfs_read_update_atime()或ecryptfs_getxattr()中引用了负数的 dentry会触发空指针引用,导致拒绝服务的情况。

Linux kernel 2.6.x
厂商补丁:

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git;a=commit;h=afc2b6932f48f200736d3e36ad66fee0ec733136

Related

seebug 1
prion 1
veracode 1
cvelist 1
nvd 1
cve 1
ubuntucve 1
nessus 16
openvas 36
centos 1
redhat 2
oraclelinux 2
fedora 8
osv 2
debian 2
securityvulns 2
ubuntu 1
vmware 4
seebug
seebug
Linux Kernel eCryptfs Null指针引用本地拒绝服务漏洞
2009-10-09 00:00:00
prion
prion
Null pointer dereference
2009-10-13 10:30:00
veracode
veracode
Privilege Escalation
2020-04-10 00:39:02
cvelist
cvelist
CVE-2009-2908
2009-10-13 10:00:00
nvd
nvd
CVE-2009-2908
2009-10-13 10:30:00
cve
cve
CVE-2009-2908
2009-10-13 10:30:00
ubuntucve
ubuntucve
CVE-2009-2908
2009-10-13 00:00:00
nessus
nessus
Fedora 10 : kernel-2.6.27.37-170.2.104.fc10 (2009-10525)
2009-10-16 00:00:00
Mandriva Linux Security Advisory : kernel (MDVSA-2009:289)
2009-10-28 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
2013-03-06 00:00:00
openvas
openvas
Mandriva Security Advisory MDVSA-2009:289 (kernel)
2009-11-11 00:00:00
Mandriva Security Advisory MDVSA-2009:289 (kernel)
2009-11-11 00:00:00
Oracle: Security Advisory (ELSA-2009-1548)
2015-10-08 00:00:00
centos
centos
kernel security update
2009-11-04 19:57:14
redhat
redhat
(RHSA-2009:1548) Important: kernel security and bug fix update
2009-11-03 00:00:00
(RHSA-2009:1692) Important: rhev-hypervisor security and bug fix update
2009-12-23 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-11-03 00:00:00
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2010-04-05 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-90.fc11
2009-10-27 06:48:07
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-96.fc11
2009-11-06 00:03:20
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-102.fc11
2009-12-07 07:27:49
osv
osv
linux-2.6 - several vulnerabilities
2009-10-22 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
debian
debian
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 15:58:04
[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-11-05 22:03:48
securityvulns
securityvulns
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 00:00:00
Linux kernel multiple security vulnerabilities
2009-11-08 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00

0.0004 Low

EPSS

Percentile

10.3%

JSON
Related for SSV:12454
seebug1prion1veracode1cvelist1nvd1cve1ubuntucve1nessus16openvas36centos1redhat2oraclelinux2fedora8osv2debian2securityvulns2ubuntu1vmware4