CVE: CVE-2009-0269

Export to Word

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

S10 – Denial of Service

EPSS

Score: 0.00082
Percentile: 0.24924

CVSS Scoring

CVSS v2 Score: 4.9

Severity:

Mapped CWE(s)

CWE-787 : Out-of-bounds Write

Affected Products

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*

← Back to Home