Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 4.9
CVE Id: CVE-2009-0745
Last Modified: 22 Jan 2013 11:13:23
Published: 27 Feb 2009 12:30:09
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE

CVE-2009-0745

Summary

The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause a denial of service (OOPS) by arranging for crafted values to be present in available memory.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.27

  • Linux Kernel 2.6.27.1

  • Linux Kernel 2.6.27.10

  • Linux Kernel 2.6.27.11

  • Linux Kernel 2.6.27.12

  • Linux Kernel 2.6.27.13

  • Linux Kernel 2.6.27.14

  • Linux Kernel 2.6.27.15

  • Linux Kernel 2.6.27.16

  • Linux Kernel 2.6.27.17

  • Linux Kernel 2.6.27.18

  • Linux Kernel 2.6.27.2

  • Linux Kernel 2.6.27.3

  • Linux Kernel 2.6.27.4

  • Linux Kernel 2.6.27.5

  • Linux Kernel 2.6.27.6

  • Linux Kernel 2.6.27.7

  • Linux Kernel 2.6.27.8

  • Linux Kernel 2.6.27.9

  • Linux Kernel 2.6.28

  • Linux Kernel 2.6.28.1

  • Linux Kernel 2.6.28.2

  • Linux Kernel 2.6.28.3

  • Linux Kernel 2.6.28.4

  • Linux Kernel 2.6.28.5

  • Linux Kernel 2.6.28.6


References

VUPEN - ADV-2009-3316

VUPEN - ADV-2009-0509

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html

UBUNTU - USN-751-1

BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

DEBIAN - DSA-1787

DEBIAN - DSA-1749

SECUNIA - 37471

SECUNIA - 34981

SECUNIA - 34394

CONFIRM - http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.7

CONFIRM - http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.19

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fdff73f094e7220602cc3f8959c7230517976412

CONFIRM - http://bugzilla.kernel.org/show_bug.cgi?id=12433

SECUNIA - 36562

REDHAT - RHSA-2009:1243


Last Updated: 27 May 2016 10:49:34