VDB
CVE-2009-0859
CVE-2009-0859
PUBLISHED
CVSS 4.699999809265137 MEDIUM
The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program.
EPSS 0.11% · 29.5th percentile
Risk Scores
CVSS v2.0
4.699999809265137
EPSS Score
0.11%
29.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| linux | linux_kernel | 0 |
Timeline
- Mar 9, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 24, 2023 EPSS Score
References
- 35390 third-party-advisory
- SUSE-SA:2009:028 vendor-advisory
- linux-kernel-shmgetstat-dos(49229) vdb
- [linux-kernel] 20090127 [PATCH 1/2] fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM mailing-list
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a68e61e8ff2d46327a37b69056998b47745db6fa url
- DSA-1794 vendor-advisory
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5 url
- SUSE-SA:2009:030 vendor-advisory
- USN-751-1 vendor-advisory
- 35185 third-party-advisory
- [git-commits-head] 20090205 shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM mailing-list
- 35011 third-party-advisory
- [linux-kernel] 20080229 [BUG] soft lockup detected with ipcs mailing-list
- http://patchwork.kernel.org/patch/6554/ url
- SUSE-SA:2009:031 vendor-advisory
- 34020 vdb
- 34981 third-party-advisory
- DSA-1800 vendor-advisory
- DSA-1787 vendor-advisory
- 35121 third-party-advisory
…and 5 more