← Back

CVE-2009-3547

nvd nist
Published: Nov 4, 2009Modified: Apr 23, 2026

JSON object

Loading...
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD

Description

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

Affected (32)

Products: Linux: Linux Kernel · Novell: Linux Desktop · Opensuse: Opensuse · +5 more
Show all products
Linux: Linux Kernel · Novell: Linux Desktop · Opensuse: Opensuse · Suse: Suse Linux Enterprise Desktop, Suse Linux Enterprise Server · Canonical: Ubuntu Linux · Fedoraproject: Fedora · Vmware: Esx, Vma · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Workstation, Mrg Realtime
Linux
1 product
Linux Kernel
Novell
1 product
Linux Desktop
Opensuse
1 product
Opensuse
Suse
2 products
Suse Linux Enterprise Desktop
Suse Linux Enterprise Server
Canonical
1 product
Ubuntu Linux
Fedoraproject
1 product
Fedora
Vmware
2 products
Esx
Vma
Redhat
5 products
Enterprise Linux Desktop
Enterprise Linux Eus
Enterprise Linux Server
Enterprise Linux Workstation
Mrg Realtime
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Up to 2.6.31.14
Linux Kernel
Version 2.6.32
Linux Kernel
Version 2.6.32 rc1
Linux Kernel
Version 2.6.32 rc2
Linux Kernel
Version 2.6.32 rc3
Linux Kernel
Version 2.6.32 rc4
Linux Kernel
Version 2.6.32 rc5
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Linux Desktop
Version 9
Opensuse
Opensuse
Version 11.0
Opensuse
Version 11.2
Suse Linux Enterprise Desktop
Version 10 sp2
Suse Linux Enterprise Server
Version 10 sp2
Configuration C
5 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 6.06
Ubuntu Linux
Version 8.04
Ubuntu Linux
Version 8.10
Ubuntu Linux
Version 9.04
Ubuntu Linux
Version 9.10
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Fedora
Version 10
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Esx
Version 4.0
Vma
Version 4.0
Configuration F
12 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux Desktop
Version 3.0
Enterprise Linux Desktop
Version 4.0
Enterprise Linux Desktop
Version 5.0
Redhat
Enterprise Linux Eus
Version 4.8
Enterprise Linux Eus
Version 5.4
Redhat
Enterprise Linux Server
Version 3.0
Enterprise Linux Server
Version 4.0
Enterprise Linux Server
Version 5.0
Redhat
Enterprise Linux Workstation
Version 3.0
Enterprise Linux Workstation
Version 4.0
Enterprise Linux Workstation
Version 5.0
Mrg Realtime
Version 1.0

Related CWEs

CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.
CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
CWE-672
Operation on a Resource after Expiration or Release
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

References (58)

Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Broken LinkMailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
ExploitMailing List
Source: secalert@redhat.com
Mailing ListPatch
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken LinkThird Party AdvisoryVDB Entry
Source: secalert@redhat.com
Broken LinkExploitThird Party AdvisoryVDB Entry
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Issue TrackingPatchThird Party Advisory
Source: secalert@redhat.com
Broken LinkThird Party Advisory
Source: secalert@redhat.com
Broken LinkThird Party Advisory
Source: secalert@redhat.com
Broken LinkThird Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkMailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List

Timeline

No history available yet.