Executive Summary

Informations
Name CVE-2009-2849 First vendor Publication 2009-08-18
Vendor Cve Last vendor Modification 2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Cvss Base Score 4.7 Attack Range Local
Cvss Impact Score 6.9 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10396
 
Oval ID: oval:org.mitre.oval:def:10396
Title: The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.
Description: The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2849
 Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13505
 
Oval ID: oval:org.mitre.oval:def:13505
Title: DSA-1872-1 linux-2.6 -- denial of service/privilege escalation/information leak
Description: CVE-2009-2698 Herbert Xu discovered an issue in the way UDP tracks corking status that could allow local users to cause a denial of service. Tavis Ormandy and Julien Tinnes discovered that this issue could also be used by local users to gain elevated privileges. CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Local users could exploit this issue to gain access to restricted memory. CVE-2009-2847 Ulrich Drepper noticed an issue in the do_sigalstack routine on 64-bit systems. This issue allows local users to gain access to potentially sensitive memory on the kernel stack. CVE-2009-2848 Eric Dumazet discovered an issue in the execve path, where the clear_child_tid variable was not being properly cleared. Local users could exploit this issue to cause a denial of service. CVE-2009-2849 Neil Brown discovered an issue in the sysfs interface to md devices. When md arrays are not active, local users can exploit this vulnerability to cause a denial of service. For the oldstable distribution, this problem has been fixed in version 2.6.18.dfsg.1-24etch4. We recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages. Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. The following matrix lists additional source packages that were rebuilt for compatability with or to take advantage of this update: Debian 4.0 fai-kernels 1.17+etch.24etch4 user-mode-linux 2.6.18-1um-2etch.24etch4
Family: unix Class: patch
Reference(s): DSA-1872-1
CVE-2009-2698
CVE-2009-2846
CVE-2009-2847
CVE-2009-2848
CVE-2009-2849
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22733
 
Oval ID: oval:org.mitre.oval:def:22733
Title: ELSA-2009:1455: kernel security and bug fix update (Moderate)
Description: The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.
Family: unix Class: patch
Reference(s): ELSA-2009:1455-03
CVE-2009-2849
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8168
 
Oval ID: oval:org.mitre.oval:def:8168
Title: DSA-1872 linux-2.6 -- denial of service/privilege escalation/information leak
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation or a leak of sensitive memory. The Common Vulnerabilities and Exposures project identifies the following problems: Herbert Xu discovered an issue in the way UDP tracks corking status that could allow local users to cause a denial of service (system crash). Tavis Ormandy and Julien Tinnes discovered that this issue could also be used by local users to gain elevated privileges. Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Local users could exploit this issue to gain access to restricted memory. Ulrich Drepper noticed an issue in the do_sigalstack routine on 64-bit systems. This issue allows local users to gain access to potentially sensitive memory on the kernel stack. Eric Dumazet discovered an issue in the execve path, where the clear_child_tid variable was not being properly cleared. Local users could exploit this issue to cause a denial of service (memory corruption). Neil Brown discovered an issue in the sysfs interface to md devices. When md arrays are not active, local users can exploit this vulnerability to cause a denial of service (oops).
Family: unix Class: patch
Reference(s): DSA-1872
CVE-2009-2698
CVE-2009-2846
CVE-2009-2847
CVE-2009-2848
CVE-2009-2849
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 1152

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for kernel CESA-2009:1455 centos5 i386
File : nvt/gb_CESA-2009_1455_kernel_centos5_i386.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1540
File : nvt/RHSA_2009_1540.nasl
2009-11-11 Name : Debian Security Advisory DSA 1928-1 (linux-2.6.24)
File : nvt/deb_1928_1.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1455 (kernel)
File : nvt/ovcesa2009_1455.nasl
2009-10-06 Name : RedHat Security Advisory RHSA-2009:1455
File : nvt/RHSA_2009_1455.nasl
2009-09-02 Name : Debian Security Advisory DSA 1872-1 (linux-2.6)
File : nvt/deb_1872_1.nasl
2009-09-02 Name : Fedora Core 11 FEDORA-2009-9044 (kernel)
File : nvt/fcore_2009_9044.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
57209 Linux Kernel drivers/md/md.c Multiple Function NULL Dereference Local DoS

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0033.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1455.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2010-03-05 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1928.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1872.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1455.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-852-1.nasl - Type : ACT_GATHER_INFO
2009-09-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1455.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote Fedora host is missing a security update.
File : fedora_2009-9044.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.30.y.git%3Ba=commi...
Source Url
CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.2
FEDORA https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256....
MISC http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dere...
MLIST http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://www.openwall.com/lists/oss-security/2009/07/24/1
http://www.openwall.com/lists/oss-security/2009/07/26/1
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT https://rhn.redhat.com/errata/RHSA-2009-1540.html
SECTRACK http://www.securitytracker.com/id?1022961
SECUNIA http://secunia.com/advisories/36501
http://secunia.com/advisories/37105
http://secunia.com/advisories/38794
http://secunia.com/advisories/38834
UBUNTU http://www.ubuntu.com/usn/USN-852-1
VUPEN http://www.vupen.com/english/advisories/2010/0528
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/52858

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
Date Informations
2024-02-02 01:11:30
  • Multiple Updates
2024-02-01 12:03:12
  • Multiple Updates
2023-11-07 21:47:41
  • Multiple Updates
2023-09-05 12:10:46
  • Multiple Updates
2023-09-05 01:03:03
  • Multiple Updates
2023-09-02 12:10:52
  • Multiple Updates
2023-09-02 01:03:05
  • Multiple Updates
2023-08-12 12:12:45
  • Multiple Updates
2023-08-12 01:03:04
  • Multiple Updates
2023-08-11 12:10:52
  • Multiple Updates
2023-08-11 01:03:12
  • Multiple Updates
2023-08-06 12:10:29
  • Multiple Updates
2023-08-06 01:03:06
  • Multiple Updates
2023-08-04 12:10:34
  • Multiple Updates
2023-08-04 01:03:08
  • Multiple Updates
2023-07-14 12:10:31
  • Multiple Updates
2023-07-14 01:03:06
  • Multiple Updates
2023-03-29 01:12:01
  • Multiple Updates
2023-03-28 12:03:12
  • Multiple Updates
2022-10-11 12:09:22
  • Multiple Updates
2022-10-11 01:02:55
  • Multiple Updates
2022-03-11 01:07:51
  • Multiple Updates
2021-05-04 12:09:57
  • Multiple Updates
2021-04-22 01:10:20
  • Multiple Updates
2020-08-08 01:04:30
  • Multiple Updates
2020-08-01 12:04:32
  • Multiple Updates
2020-07-30 01:04:40
  • Multiple Updates
2020-05-23 01:40:45
  • Multiple Updates
2020-05-23 00:24:11
  • Multiple Updates
2019-01-25 12:02:50
  • Multiple Updates
2018-10-30 12:03:01
  • Multiple Updates
2017-09-19 09:23:21
  • Multiple Updates
2017-08-17 09:22:41
  • Multiple Updates
2016-08-05 12:02:12
  • Multiple Updates
2016-06-29 00:06:41
  • Multiple Updates
2016-06-28 17:47:58
  • Multiple Updates
2016-04-26 19:02:43
  • Multiple Updates
2016-03-09 13:25:54
  • Multiple Updates
2014-11-27 13:27:34
  • Multiple Updates
2014-02-17 10:51:15
  • Multiple Updates
2013-05-10 23:55:46
  • Multiple Updates