Vulnerability Details : CVE-2009-1388

The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread.

Vulnerability category: Denial of service

Published 2009-07-05 16:30:00

Updated 2018-10-10 19:36:31

Source Red Hat, Inc.

View at NVD, CVE.org

Threat overview for CVE-2009-1388

Top countries where our scanners detected CVE-2009-1388

Top open port discovered on systems with this issue 5000

IPs affected by CVE-2009-1388 142

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2009-1388!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2009-1388

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2009-1388

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.9	MEDIUM	AV:L/AC:L/Au:N/C:N/I:N/A:C	3.9	6.9	nvd@nist.gov
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2009-1388

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2009-1388

Red Hat 2009-08-05

This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG. It was addressed in Red Hat Enterprise 5 via: https://rhn.redhat.com/errata/RHSA-2009-1193.html

References for CVE-2009-1388

https://bugzilla.redhat.com/attachment.cgi?id=346615

Patch
http://www.vmware.com/security/advisories/VMSA-2009-0016.html

VMSA-2009-0016.6

CVEs referencing this url
http://www.vupen.com/english/advisories/2009/3316

Webmail: access your OVH emails on ovhcloud.com | OVHcloud

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2009-1193.html

CVEs referencing this url
http://marc.info/?l=oss-security&m=124654277229434&w=2

Patch
https://bugzilla.redhat.com/show_bug.cgi?id=504263

Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8625
https://bugzilla.redhat.com/attachment.cgi?id=346742

Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8680
http://www.securityfocus.com/bid/35559
http://www.securityfocus.com/archive/1/507985/100/0/threaded

CVEs referencing this url

Products affected by CVE-2009-1388

Linux » Linux Kernel » Version: 2.6.18 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.18 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.18 Update RC5
cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.18 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.18 Update RC4
cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.18
cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.18 Update RC6
cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.18 Update RC7
cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*
Matching versions