← Back

CVE-2009-1961

nvd nist
Published: Jun 8, 2009Modified: Apr 23, 2026

JSON object

Loading...
4.7
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.0 / Impact: 3.6
Source: NVD

Description

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.

Affected (15)

Show all products
Linux: Linux Kernel · Debian: Debian Linux · Canonical: Ubuntu Linux · Opensuse: Opensuse · Suse: Linux Enterprise, Linux Enterprise Desktop, Linux Enterprise Server
Linux
1 product
Linux Kernel
Debian
1 product
Debian Linux
Canonical
1 product
Ubuntu Linux
Opensuse
1 product
Opensuse
Suse
3 products
Linux Enterprise
Linux Enterprise Desktop
Linux Enterprise Server
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Up to 2.6.19
Linux Kernel
From 2.6.27 to 2.6.27.24
Linux Kernel
From 2.6.29 to 2.6.29.4
Linux Kernel
Version 2.6.30 rc1
Linux Kernel
Version 2.6.30 rc2
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 4.0
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 6.06
Ubuntu Linux
Version 8.04
Ubuntu Linux
Version 8.10
Ubuntu Linux
Version 9.04
Configuration D
5 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 10.3
Opensuse
Version 11.1
Linux Enterprise
Version 11.0
Linux Enterprise Desktop
Version 11
Linux Enterprise Server
Version 11

Related CWEs

CWE-667
Improper Locking
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

References (40)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Mailing ListPatch
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Mailing ListPatch
Source: cve@mitre.org
ExploitMailing ListPatch
Source: cve@mitre.org
ExploitMailing List
Source: cve@mitre.org
ExploitMailing List
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkExploitThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing List
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.