CVE-2009-1935 : Integer overflow in the pipe_build_write_buffer function (sys/kern/sys

Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pages via unspecified vectors.

Published 2009-06-18 18:30:00

Updated 2017-08-17 01:30:35

Source FreeBSD

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2009-1935

Freebsd » Freebsd » Version: 6.4
cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 6.3
cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 6.3 Releng
cpe:2.3:o:freebsd:freebsd:6.3_releng:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.1
cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.1 Update RC1
cpe:2.3:o:freebsd:freebsd:7.1:rc1:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 6.4 Update Stable
cpe:2.3:o:freebsd:freebsd:6.4:stable:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 6.4 Update Release P4
cpe:2.3:o:freebsd:freebsd:6.4:release_p4:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.2 Update Pre-release
cpe:2.3:o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.2
cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.1 Update Pre-release
cpe:2.3:o:freebsd:freebsd:7.1:pre-release:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.1 Update Stable
cpe:2.3:o:freebsd:freebsd:7.1:stable:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.1 Update Release-p1
cpe:2.3:o:freebsd:freebsd:7.1:release-p1:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.1 Update Release-p2
cpe:2.3:o:freebsd:freebsd:7.1:release-p2:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 7.1 Update Release-p5
cpe:2.3:o:freebsd:freebsd:7.1:release-p5:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 6.3 Update Release P10
cpe:2.3:o:freebsd:freebsd:6.3:release_p10:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2009-1935

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 19 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2009-1935

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.9	MEDIUM	AV:L/AC:L/Au:N/C:C/I:N/A:N	3.9	6.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: None Availability Impact: None

CWE ids for CVE-2009-1935

CWE-189

Assigned by: nvd@nist.gov (Primary)

References for CVE-2009-1935

http://www.securitytracker.com/id?1022365
http://security.freebsd.org/patches/SA-09:09/pipe.patch

Exploit;Vendor Advisory
http://www.securityfocus.com/bid/35279
https://exchange.xforce.ibmcloud.com/vulnerabilities/51109
http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc

Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2009-1935

Products affected by CVE-2009-1935

Exploit prediction scoring system (EPSS) score for CVE-2009-1935

CVSS scores for CVE-2009-1935

CWE ids for CVE-2009-1935

References for CVE-2009-1935