Lucene search
Ubuntu.comUB:CVE-2009-3288HistorySep 22, 2009 - 12:00 a.m.
CVE-2009-3288
2009-09-2200:00:00
ubuntu.com
ubuntu.com
10
CVSS2
4.9
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS
0
Percentile
9.8%
The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel
2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an
array, which allows local users to cause a denial of service (kernel OOPS
and NULL pointer dereference), as demonstrated by using xcdroast to
duplicate a CD. NOTE: this is only exploitable by users who can open the
cdrom device.
Related
prion
prion
Null pointer dereference
2009-09-22 10:30:00
seebug
seebug
Linux Kernel sg_build_indirectε½ζ°ζ¬ε°ζη»ζε‘ζΌζ΄
2009-09-23 00:00:00
nvd
nvd
CVE-2009-3288
2009-09-22 10:30:00
redhatcve
redhatcve
CVE-2009-3288
2015-10-30 10:35:09
cvelist
cvelist
CVE-2009-3288
2009-09-22 10:00:00
cve
cve
CVE-2009-3288
2009-09-22 10:30:00
securityvulns
securityvulns
rPSA-2010-0037-1 kernel
2010-05-11 00:00:00
Linux kernel DoS
2010-05-11 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-852-1)
2022-08-26 00:00:00
nessus
nessus
CVSS2
4.9
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS
0
Percentile
9.8%
Related for UB:CVE-2009-3288