QwikSec

Security Database

CVE

CWE

Training

CVE-2009-2584

Published: Jul 23, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to overwrite arbitrary memory locations and gain privileges via a crafted count argument, which triggers a stack-based buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[linux-kernel] 20090720 Re: [PATCH] sgi-gru: Fix kernel stack buffer overrun

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

[linux-kernel] 20090721 [PATCH] sgi-gru: Fix kernel stack buffer overrun

mailing-list

x_refsource_MLIST

http://grsecurity.net/~spender/exploit_demo.c

x_refsource_MISC

kernel-sgigru-bo(51887)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

http://xorl.wordpress.com/2009/07/21/linux-kernel-sgi-gru-driver-off-by-one-overwrite/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.