CVE-2009-0935 - Vulnerability Details - OpenCVE

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:2.6.29:rc3::::::

No data.

References

Link	Providers
http://marc.info/?l=linux-kernel&m=123337123501681&w=2
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3
http://www.openwall.com/lists/oss-security/2009/03/06/2
http://www.openwall.com/lists/oss-security/2009/03/18/5
http://www.openwall.com/lists/oss-security/2009/03/19/2
http://www.securityfocus.com/bid/33624
https://bugzilla.redhat.com/show_bug.cgi?id=488935
https://exchange.xforce.ibmcloud.com/vulnerabilities/49331
https://nvd.nist.gov/vuln/detail/CVE-2009-0935
https://www.cve.org/CVERecord?id=CVE-2009-0935

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-03-18T01:00:00

Updated: 2024-08-07T04:57:17.139Z

Reserved: 2009-03-17T00:00:00

Link: CVE-2009-0935

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2009-03-18T02:00:08.157

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-0935

Redhat

Severity : Important

Publid Date: 2009-01-22T00:00:00Z

Links: CVE-2009-0935 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-03-06T00:00:00", "descriptions": [{"lang": "en", "value": "The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "linux-kernel-inotify-read-dos(49331)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49331"}, {"name": "33624", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33624"}, {"name": "[oss-security] 20090306 CVE request: kernel: inotify local DoS", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/03/06/2"}, {"name": "[linux-kernel] 20090131 [patch 03/43] inotify: clean up inotify_read and fix locking", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=123337123501681&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488935"}, {"name": "[oss-security] 20090319 Re: CVE request: kernel: inotify local DoS", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/03/19/2"}, {"name": "[oss-security] 20090318 Re: CVE request: kernel: inotify local DoS", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/03/18/5"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0935", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "linux-kernel-inotify-read-dos(49331)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49331"}, {"name": "33624", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33624"}, {"name": "[oss-security] 20090306 CVE request: kernel: inotify local DoS", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/03/06/2"}, {"name": "[linux-kernel] 20090131 [patch 03/43] inotify: clean up inotify_read and fix locking", "refsource": "MLIST", "url": "http://marc.info/?l=linux-kernel&m=123337123501681&w=2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=488935", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488935"}, {"name": "[oss-security] 20090319 Re: CVE request: kernel: inotify local DoS", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/03/19/2"}, {"name": "[oss-security] 20090318 Re: CVE request: kernel: inotify local DoS", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/03/18/5"}, {"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:57:17.139Z"}, "title": "CVE Program Container", "references": [{"name": "linux-kernel-inotify-read-dos(49331)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49331"}, {"name": "33624", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33624"}, {"name": "[oss-security] 20090306 CVE request: kernel: inotify local DoS", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2009/03/06/2"}, {"name": "[linux-kernel] 20090131 [patch 03/43] inotify: clean up inotify_read and fix locking", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=123337123501681&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488935"}, {"name": "[oss-security] 20090319 Re: CVE request: kernel: inotify local DoS", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2009/03/19/2"}, {"name": "[oss-security] 20090318 Re: CVE request: kernel: inotify local DoS", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2009/03/18/5"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0935", "datePublished": "2009-03-18T01:00:00", "dateReserved": "2009-03-17T00:00:00", "dateUpdated": "2024-08-07T04:57:17.139Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "959E86DD-3F82-4BFC-9190-B63FC5B79507", "versionEndIncluding": "2.6.27.13", "versionStartIncluding": "2.6.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3421BB9A-F9FC-4BDD-B72B-1DF16DA121A1", "versionEndIncluding": "2.6.28.2", "versionStartIncluding": "2.6.28", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29:rc3:*:*:*:*:*:*", "matchCriteriaId": "92058AE0-2E52-4304-B4C6-871AB1CE42DF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance."}, {"lang": "es", "value": "La funci\u00f3n inotify_read en el kernel de Linux versiones 2.6.27 hasta 2.6.27.13, 2.6.28 hasta 2.6.28.2 y 2.6.29-rc3, permite a los usuarios locales causar una denegaci\u00f3n de servicio (OOPS) por medio de una lectura con una direcci\u00f3n no v\u00e1lida en una instancia inotify, lo que causa que la exclusi\u00f3n mutua de la lista de eventos del dispositivo se desbloquee dos veces e impida la sincronizaci\u00f3n apropiada de una estructura de datos para la instancia inotify."}], "id": "CVE-2009-0935", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2009-03-18T02:00:08.157", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "http://marc.info/?l=linux-kernel&m=123337123501681&w=2"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2009/03/06/2"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2009/03/18/5"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2009/03/19/2"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/33624"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488935"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49331"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "http://marc.info/?l=linux-kernel&m=123337123501681&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2009/03/06/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2009/03/18/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2009/03/19/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Patch", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/33624"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488935"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49331"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, or Red Hat Enterprise MRG.", "lastModified": "2009-04-15T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}