CVE-2009-0746

Published Feb 27, 2009

Last updated a year ago

CVSS info 4.9

Overview

Description: The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 6.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Vendor comments

Red HatThis issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG. This issue was addressed in Red Hat Enterprise Linux 5 by https://rhn.redhat.com/errata/RHSA-2009-1243.html

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "856FE78A-29B5-4411-98A0-4B0281C17EB9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "324B5A3E-FA65-4F02-9B8F-872F38CD1808"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C75A8FC4-58D2-4B6A-9D8E-FF12DF52E249"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE21E2AE-9E01-471C-A419-6AB40A49C2F0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADFC2D46-65D0-426F-9AF8-8C910AE91D49"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11795F8E-7ACD-4597-9194-FC7241DCE057"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60F381E1-F3C5-49BE-B094-4D90E7B108F1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D82A6217-CFA6-4E72-8BED-0297E13EABF6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CEA1AF2-2DE7-4B38-987D-15FFA70F06B8"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7954A701-1671-4080-B1E6-47E0208FD28C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63D06512-EAF0-48C6-98F0-066E63FF07EC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F35DA6B-C6D4-47CC-97E7-9659DCFDD162"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D75B48F1-623A-4B96-9E08-4AA2DE748490"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E6EB7C3-D9AB-43E7-8B78-2C36AE920935"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FC87A28-C6A1-4E90-BD9F-A5BE1985DB50"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0383E2A5-60EE-47F3-9DA8-BF75028D511F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8B0C229-2A79-47E0-856A-2AE0FF97B967"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB27B247-D6BF-49C4-B113-76C9A47B7DCD"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F94BA1B0-52B9-4303-9C41-3ACC3AC1945E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26BD805F-08EB-42EC-BC54-26A7278E5089"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "217715A5-E69D-45C0-B8E4-5681528C651B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A87AD66C-4321-4459-8556-3B0BA38C493A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87A347E0-9C0B-4674-9363-3C36DA27AC45"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E0F3DF0-6BD0-4560-9A13-C6493939D8B0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4BE1DF7-99CB-416B-B6F9-EC40FBD7D1C6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B93AF773-FBB4-4A4A-ADD5-ADA40C24CD36"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References