CVE

CVE-2009-3621
Date: (C)2009-10-22   (M)2024-02-22


net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.

CVSS Score and Metrics

CVSS V3 Severity:
CVSS Score: 5.5
Exploit Score: 1.8
Impact Score: 3.6

CVSS V2 Severity:
CVSS Score: 4.9
Exploit Score: 3.9
Impact Score: 6.9

CVSS V3 Metrics:
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: NONE
Integrity: NONE
Availability: HIGH

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECUNIA-37086
SECUNIA-37909
SECUNIA-38017
SECUNIA-38794
SECUNIA-38834
ADV-2010-0528
FEDORA-2009-11038
MDVSA-2009:329
RHSA-2009:1540
RHSA-2009:1670
RHSA-2009:1671
SUSE-SA:2009:061
SUSE-SA:2009:064
SUSE-SA:2010:001
SUSE-SA:2010:012
SUSE-SA:2010:013
USN-864-1
http://lkml.org/lkml/2009/10/19/50
http://www.openwall.com/lists/oss-security/2009/10/19/2
http://www.openwall.com/lists/oss-security/2009/10/19/4
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675
http://patchwork.kernel.org/patch/54678/
https://bugzilla.redhat.com/show_bug.cgi?id=529626
oval:org.mitre.oval:def:6895
oval:org.mitre.oval:def:9921

CWE    1
CWE-400
OVAL    24
oval:org.secpod.oval:def:202196
oval:org.secpod.oval:def:202058
oval:org.secpod.oval:def:201966
oval:org.secpod.oval:def:400025
...

© SecPod Technologies