Vulnerability Details : CVE-2009-4410

The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file.c in the Linux kernel 2.6.29-rc1 through 2.6.30.y uses the wrong variable in an argument to the kunmap function, which allows local users to cause a denial of service (panic) via unknown vectors.

Vulnerability category: Denial of service

Published 2009-12-24 16:30:00

Updated 2012-03-19 04:00:00

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2009-4410

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2009-4410

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.9	MEDIUM	AV:L/AC:L/Au:N/C:N/I:N/A:C	3.9	6.9	[email protected]
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

Vendor statements for CVE-2009-4410

Red Hat 2009-12-31

Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 and Red Hat Enterprise MRG. Shipped kernels do not include upstream commit 59efec7b that introduced the problem.

References for CVE-2009-4410

Products affected by CVE-2009-4410

Linux » Linux Kernel » Version: 2.6.30
cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29 Update Rc8-kk
cpe:2.3:o:linux:linux_kernel:2.6.29:rc8-kk:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.rc1
cpe:2.3:o:linux:linux_kernel:2.6.29.rc1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.rc2
cpe:2.3:o:linux:linux_kernel:2.6.29.rc2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.rc2-git1
cpe:2.3:o:linux:linux_kernel:2.6.29.rc2-git1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29
cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.2
cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.3
cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.4
cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.5
cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.6
cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29.1
cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30 Update RC3
cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.2
cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30 Update RC5
cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30 Update Rc7-git6
cpe:2.3:o:linux:linux_kernel:2.6.30:rc7-git6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30 Update RC4 X86 32 Edition
cpe:2.3:o:linux:linux_kernel:2.6.30:rc4:x86_32:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.3
cpe:2.3:o:linux:linux_kernel:2.6.30.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30 Update RC6
cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.9
cpe:2.3:o:linux:linux_kernel:2.6.30.9:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.4
cpe:2.3:o:linux:linux_kernel:2.6.30.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.7
cpe:2.3:o:linux:linux_kernel:2.6.30.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.5
cpe:2.3:o:linux:linux_kernel:2.6.30.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29 Update RC2
cpe:2.3:o:linux:linux_kernel:2.6.29:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29 Update Rc2 Git7
cpe:2.3:o:linux:linux_kernel:2.6.29:rc2_git7:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.6
cpe:2.3:o:linux:linux_kernel:2.6.30.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.8
cpe:2.3:o:linux:linux_kernel:2.6.30.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.1
cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29 Update Git1
cpe:2.3:o:linux:linux_kernel:2.6.29:git1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.29 Update RC1
cpe:2.3:o:linux:linux_kernel:2.6.29:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.30.y
cpe:2.3:o:linux:linux_kernel:2.6.30.y:*:*:*:*:*:*:*
Matching versions