ID CVE-2009-2908
Summary The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.31:*:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 13-02-2023 - 02:20)
CWE NVD-CWE-Other
Access
  • Vector: LOCAL
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: NONE
  • Availability: COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
oval via4
  • accepted 2013-04-29T04:03:37.914-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
    family unix
    id oval:org.mitre.oval:def:10216
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
    version 18
  • accepted 2014-01-20T04:01:31.058-05:00
    class vulnerability
    contributors
    • name J. Daniel Brown
      organization DTCC
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    • comment VMware ESX Server 4.0 is installed
      oval oval:org.mitre.oval:def:6293
    description The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
    family unix
    id oval:org.mitre.oval:def:6992
    status accepted
    submitted 2010-06-01T17:30:00.000-05:00
    title Linux Kernel eCryptfs Lower Dentry Null Pointer Dereference Local Denial of Service Vulnerability
    version 8
redhat via4
advisories
rhsa
id RHSA-2009:1548
rpms
  • kernel-0:2.6.18-164.6.1.el5
  • kernel-PAE-0:2.6.18-164.6.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-164.6.1.el5
  • kernel-PAE-devel-0:2.6.18-164.6.1.el5
  • kernel-debug-0:2.6.18-164.6.1.el5
  • kernel-debug-debuginfo-0:2.6.18-164.6.1.el5
  • kernel-debug-devel-0:2.6.18-164.6.1.el5
  • kernel-debuginfo-0:2.6.18-164.6.1.el5
  • kernel-debuginfo-common-0:2.6.18-164.6.1.el5
  • kernel-devel-0:2.6.18-164.6.1.el5
  • kernel-doc-0:2.6.18-164.6.1.el5
  • kernel-headers-0:2.6.18-164.6.1.el5
  • kernel-kdump-0:2.6.18-164.6.1.el5
  • kernel-kdump-debuginfo-0:2.6.18-164.6.1.el5
  • kernel-kdump-devel-0:2.6.18-164.6.1.el5
  • kernel-xen-0:2.6.18-164.6.1.el5
  • kernel-xen-debuginfo-0:2.6.18-164.6.1.el5
  • kernel-xen-devel-0:2.6.18-164.6.1.el5
refmap via4
bid 36639
confirm
fedora FEDORA-2009-10525
misc https://bugs.launchpad.net/ecryptfs/+bug/387073
mlist
  • [oss-security] 20091006 Kernel ecryptfs CVE id (CVE-2009-2908)
  • [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
secunia
  • 37075
  • 37105
  • 38794
  • 38834
ubuntu USN-852-1
vupen ADV-2010-0528
xf kernel-ecryptfs-dos(53693)
statements via4
contributor Tomas Hoger
lastmodified 2009-11-04
organization Red Hat
statement The Linux kernels as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG do not include support for eCryptfs, and therefore are not affected by this issue. It was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2009-1548.html
Last major update 13-02-2023 - 02:20
Published 13-10-2009 - 10:30
Last modified 13-02-2023 - 02:20