fkie_cve-2009-0787
Vulnerability from fkie_nvd
Published
2009-03-25 01:30
Modified
2025-04-09 00:30
Severity ?
Summary
The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | 2.6.28 | |
| linux | linux_kernel | 2.6.28.1 | |
| linux | linux_kernel | 2.6.28.2 | |
| linux | linux_kernel | 2.6.28.3 | |
| linux | linux_kernel | 2.6.28.4 | |
| linux | linux_kernel | 2.6.28.5 | |
| linux | linux_kernel | 2.6.28.6 | |
| linux | linux_kernel | 2.6.28.7 | |
| linux | linux_kernel | 2.6.28.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*",
"matchCriteriaId": "26BD805F-08EB-42EC-BC54-26A7278E5089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*",
"matchCriteriaId": "217715A5-E69D-45C0-B8E4-5681528C651B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A87AD66C-4321-4459-8556-3B0BA38C493A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87A347E0-9C0B-4674-9363-3C36DA27AC45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8E0F3DF0-6BD0-4560-9A13-C6493939D8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE1DF7-99CB-416B-B6F9-EC40FBD7D1C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B93AF773-FBB4-4A4A-ADD5-ADA40C24CD36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38A55F08-88A9-42D5-A2B1-8B8C0D6DED09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3975EC77-D33D-4167-91BE-08237C3EE9D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory."
},
{
"lang": "es",
"value": "La funci\u00f3n ecryptfs_write_metadata_to_contents en la funcionalidad eCryptfs en el kernel Linux v2.6.28 anterior a v2.6.28.9 emplea un tama\u00f1o incorrecto cuando escribe de la memoria del kernel a la cabecera del archivo eCryptfs, lo que dispara una lectura fuera de rango y permite a usuarios locales obtener porciones d la memoria del kernel."
}
],
"id": "CVE-2009-0787",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-25T01:30:00.453",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8faece5f906725c10e7a1f6caf84452abadbdc7b"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/52860"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34422"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/35015"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37471"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34216"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022177"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0802"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49355"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11068"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8faece5f906725c10e7a1f6caf84452abadbdc7b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8319"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.\n\nIt was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2009-0473.html .",
"lastModified": "2009-05-19T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…