cpe:/o:linux:linux_kernel:2.6.18 cpe:/o:linux:linux_kernel:2.6.18:rc1 cpe:/o:linux:linux_kernel:2.6.18:rc2 cpe:/o:linux:linux_kernel:2.6.18:rc3 cpe:/o:linux:linux_kernel:2.6.18:rc4 cpe:/o:linux:linux_kernel:2.6.18:rc5 cpe:/o:linux:linux_kernel:2.6.18:rc6 cpe:/o:linux:linux_kernel:2.6.18:rc7 CVE-2009-1388 2009-07-05T12:30:00.313-04:00 2017-09-28T21:34:21.373-04:00 4.9 LOCAL LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2009-07-06T07:58:00.000-04:00 BUGTRAQ 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components BID 35559 SECUNIA 36131 SECUNIA 37471 OSVDB 55679 VUPEN ADV-2009-3316 REDHAT RHSA-2009:1193 MLIST [oss-security] 20090702 CVE-2009-1388 kernel: do_coredump() vs ptrace_start() deadlock CONFIRM http://www.vmware.com/security/advisories/VMSA-2009-0016.html CONFIRM https://bugzilla.redhat.com/attachment.cgi?id=346615 CONFIRM https://bugzilla.redhat.com/attachment.cgi?id=346742 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=504263 The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread.