CVE-2009-4410

The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file.c in the Linux kernel 2.6.29-rc1 through 2.6.30.y uses the wrong variable in an argument to the kunmap function, which allows local users to cause a denial of service (panic) via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.9 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
linuxlinux_kernel
2.6.29
linuxlinux_kernel
2.6.29:git1
linuxlinux_kernel
2.6.29:rc1
linuxlinux_kernel
2.6.29:rc2
linuxlinux_kernel
2.6.29:rc2_git7
linuxlinux_kernel
2.6.29:rc8-kk
linuxlinux_kernel
2.6.29.1
linuxlinux_kernel
2.6.29.2
linuxlinux_kernel
2.6.29.3
linuxlinux_kernel
2.6.29.4
linuxlinux_kernel
2.6.29.5
linuxlinux_kernel
2.6.29.6
linuxlinux_kernel
2.6.29.rc1:rc1
linuxlinux_kernel
2.6.29.rc2:rc2
linuxlinux_kernel
2.6.29.rc2-git1:rc2
linuxlinux_kernel
2.6.30
linuxlinux_kernel
2.6.30:rc1
linuxlinux_kernel
2.6.30:rc2
linuxlinux_kernel
2.6.30:rc3
linuxlinux_kernel
2.6.30:rc4
linuxlinux_kernel
2.6.30:rc5
linuxlinux_kernel
2.6.30:rc6
linuxlinux_kernel
2.6.30:rc7-git6
linuxlinux_kernel
2.6.30.1
linuxlinux_kernel
2.6.30.2
linuxlinux_kernel
2.6.30.3
linuxlinux_kernel
2.6.30.4
linuxlinux_kernel
2.6.30.5
linuxlinux_kernel
2.6.30.6
linuxlinux_kernel
2.6.30.7
linuxlinux_kernel
2.6.30.8
linuxlinux_kernel
2.6.30.9
linuxlinux_kernel
2.6.30.y:y
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
dapper
dne
linux-source-2.6.15
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
dapper
not-affected
References
http://osvdb.org/61335
http://secunia.com/advisories/37928
http://www.openwall.com/lists/oss-security/2009/12/23/1
http://www.securityfocus.com/bid/37453
https://bugzilla.redhat.com/show_bug.cgi?id=549400
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01344.html
http://osvdb.org/61335
http://secunia.com/advisories/37928
http://www.openwall.com/lists/oss-security/2009/12/23/1
http://www.securityfocus.com/bid/37453
https://bugzilla.redhat.com/show_bug.cgi?id=549400
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01344.html