Vulnerabilities > CVE-2009-3043 - Resource Management Errors vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Linux Kernel 2.6.x 'drivers/char/tty_ldisc.c' NULL Pointer Dereference Denial of Service Vulnerability. CVE-2009-3043. Dos exploit for linux platform |
| id | EDB-ID:33193 |
| last seen | 2016-02-03 |
| modified | 2009-08-19 |
| published | 2009-08-19 |
| reporter | Eric W. Biederman |
| source | https://www.exploit-db.com/download/33193/ |
| title | Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' NULL Pointer Dereference Denial of Service Vulnerability |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 36191 CVE(CAN) ID: CVE-2009-3043 Linux Kernel是开放源码操作系统Linux所使用的内核。 如果本地用户执行了某些伪终端I/O操作,就可以在Linux Kernel的drivers/char/tty_ldisc.c文件的tty_ldisc_hangup函数中触发空指针引用,导致系统崩溃。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/pub/linux/kernel/v2.6/testing/linux-2.6.31-rc8.tar.bz2 |
| id | SSV:12198 |
| last seen | 2017-11-19 |
| modified | 2009-09-04 |
| published | 2009-09-04 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-12198 |
| title | Linux Kernel tty ldisc驱动空指针引用拒绝服务漏洞 |
Statements
| contributor | Tomas Hoger |
| lastmodified | 2009-09-03 |
| organization | Red Hat |
| statement | Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG, as they do not contain a backport of the tty ldisc rewrite (upstream commits 65b770468e98 and cbe9352fa08f). |
References
- http://www.securityfocus.com/bid/36191
- http://lkml.org/lkml/2009/8/20/27
- http://lkml.org/lkml/2009/8/20/68
- http://lkml.org/lkml/2009/8/20/21
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc8
- http://www.openwall.com/lists/oss-security/2009/08/31/1
- http://www.openwall.com/lists/oss-security/2009/09/03/6
- http://www.openwall.com/lists/oss-security/2009/09/03/7
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5c58ceff103d8a654f24769bb1baaf84a841b0cc