Vulnerability Details : CVE-2009-0838
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.
Vulnerability category: Denial of service
Products affected by CVE-2009-0838
- cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_100:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_101:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_92:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_93:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_102:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_89:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_99:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_98:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_88:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_94:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_93:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_94:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_95:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_100:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_101:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_102:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_89:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_95:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_91:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_98:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_96:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_90:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_91:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_97:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_96:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_92:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_99:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_97:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_89:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_90:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_88:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_90:x86:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_93:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_92:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_91:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_94:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_101b:*:*:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_95:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0838
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0838
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2009-0838
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0838
-
http://support.avaya.com/elmodocs2/security/ASA-2009-097.htm
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/49105
-
http://www.vupen.com/english/advisories/2009/0815
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5641
-
http://sunsolve.sun.com/search/document.do?assetkey=1-66-254088-1
Patch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2009/0606
Vendor Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-21-139498-04-1
Patch;Vendor Advisory
-
http://securitytracker.com/id?1021810
-
http://www.securityfocus.com/bid/34000
Jump to