Vulnerability Details : CVE-2009-2908
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2009-2908
- cpe:2.3:o:linux:linux_kernel:2.6.31:*:*:*:*:*:*:*
Threat overview for CVE-2009-2908
Top countries where our scanners detected CVE-2009-2908
Top open port discovered on systems with this issue
49152
IPs affected by CVE-2009-2908 186
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2009-2908!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2009-2908
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-2908
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
Vendor statements for CVE-2009-2908
-
Red Hat 2009-11-04The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG do not include support for eCryptfs, and therefore are not affected by this issue. It was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2009-1548.html
References for CVE-2009-2908
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10216
-
http://www.vupen.com/english/advisories/2010/0528
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
https://bugzilla.redhat.com/show_bug.cgi?id=527534
-
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
502 Bad Gateway
-
https://bugs.launchpad.net/ecryptfs/+bug/387073
-
http://www.securityfocus.com/bid/36639
Patch
-
http://www.openwall.com/lists/oss-security/2009/10/06/1
-
http://www.ubuntu.com/usn/USN-852-1
USN-852-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntu
-
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.html
-
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git%3Ba=commit%3Bh=afc2b6932f48f200736d3e36ad66fee0ec733136
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6992
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/53693
-
https://rhn.redhat.com/errata/RHSA-2009-1548.html
RHSA-2009:1548 - Security Advisory - Red Hat Customer Portal
Jump to