CVE-2009-0935 - CERT CVE
ID CVE-2009-0935
Sažetak The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.
Reference
CVSS
Base: 4.7
Impact: 6.9
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE COMPLETE
CVSS vektor AV:L/AC:M/Au:N/C:N/I:N/A:C
Zadnje važnije ažuriranje 09-02-2024 - 00:39
Objavljeno 18-03-2009 - 02:00