CVE-2009-3620

Published: Oct 22, 2009Modified: Apr 23, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.

Affected (16)

Products: Linux: Linux Kernel · Fedoraproject: Fedora · Canonical: Ubuntu Linux · +3 more

Show all products

Linux: Linux Kernel · Fedoraproject: Fedora · Canonical: Ubuntu Linux · Redhat: Mrg Realtime · Opensuse: Opensuse · Suse: Linux Enterprise Debuginfo, Linux Enterprise Desktop, Linux Enterprise Server

1 product

1 product

1 product

1 product

1 product

3 products

Linux Enterprise Debuginfo

Linux Enterprise Desktop

Linux Enterprise Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.31.1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 10

Configuration C

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 6.06
Canonical Ubuntu Linux	Version 8.04
Canonical Ubuntu Linux	Version 8.10
Canonical Ubuntu Linux	Version 9.04
Canonical Ubuntu Linux	Version 9.10

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Mrg Realtime	Version 1.0

Configuration E

8 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.0
Suse Linux Enterprise Debuginfo	Version 10 sp2
Suse Linux Enterprise Debuginfo	Version 10 sp3
Suse Linux Enterprise Desktop	Version 10 sp2
Suse Linux Enterprise Desktop	Version 10 sp3
Suse Linux Enterprise Server	Version 10 sp2
Suse Linux Enterprise Server	Version 10 sp3
Suse Linux Enterprise Server	Version 8

Related CWEs

CWE-476

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

CWE-908

Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

References (54)

http://article.gmane.org/gmane.linux.kernel/892259

Source: secalert@redhat.com

Broken Link

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7dc482dfeeeefcfd000d4271c4626937406756d7

Source: secalert@redhat.com

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html

Source: secalert@redhat.com

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html

Source: secalert@redhat.com

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

Source: secalert@redhat.com

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html

Source: secalert@redhat.com

Mailing List

http://lists.vmware.com/pipermail/security-announce/2010/000082.html

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/36707

Source: secalert@redhat.com

Broken LinkVendor Advisory

http://secunia.com/advisories/37909

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/38794

Source: secalert@redhat.com

Broken Link

http://secunia.com/advisories/38834

Source: secalert@redhat.com

Broken Link

http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log

Source: secalert@redhat.com

Broken LinkPatch

http://www.mandriva.com/security/advisories?name=MDVSA-2010:088

Source: secalert@redhat.com

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

Source: secalert@redhat.com

Broken Link

http://www.openwall.com/lists/oss-security/2009/10/19/1

Source: secalert@redhat.com

Mailing ListPatch

http://www.openwall.com/lists/oss-security/2009/10/19/3

Source: secalert@redhat.com

Mailing ListPatch

http://www.redhat.com/support/errata/RHSA-2009-1670.html

Source: secalert@redhat.com

Broken Link

http://www.redhat.com/support/errata/RHSA-2009-1671.html

Source: secalert@redhat.com

Broken Link

http://www.redhat.com/support/errata/RHSA-2010-0882.html

Source: secalert@redhat.com

Broken Link

http://www.securityfocus.com/bid/36824

Source: secalert@redhat.com

Broken LinkThird Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/usn-864-1

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2010/0528

Source: secalert@redhat.com

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=529597

Source: secalert@redhat.com

Issue Tracking

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763

Source: secalert@redhat.com

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891

Source: secalert@redhat.com

Broken Link

https://rhn.redhat.com/errata/RHSA-2009-1540.html

Source: secalert@redhat.com

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html

Source: secalert@redhat.com

Mailing ListRelease Notes

http://article.gmane.org/gmane.linux.kernel/892259