Executive Summary

Informations
NameCVE-2009-3234First vendor Publication2009-09-17
VendorCveLast vendor Modification2012-03-19

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score4.9Attack RangeLocal
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3234

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Os1

Open Source Vulnerability Database (OSVDB)

idDescription
58213Linux Kernel kernel/perf_counter.c perf_copy_attr() Function Local Overflow DoS

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/36423
MLISThttp://article.gmane.org/gmane.linux.kernel/890654
http://www.openwall.com/lists/oss-security/2009/09/16/1
http://www.openwall.com/lists/oss-security/2009/09/17/13

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-10 23:57:26
  • Multiple Updates