QwikSec

Security Database

CVE

CWE

Training

CVE-2009-2849

Published: Aug 18, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_UBUNTU

third-party-advisory

x_refsource_SECUNIA

[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates

mailing-list

x_refsource_MLIST

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.2

x_refsource_CONFIRM

oval:org.mitre.oval:def:10396

vdb-entry

signature

x_refsource_OVAL

FEDORA-2009-9044

vendor-advisory

x_refsource_FEDORA

[oss-security] 20090726 Re: md raid null ptr dereference (when sysfs is writable)

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/

x_refsource_MISC

kernel-mddriver-dos(52858)

vdb-entry

x_refsource_XF

[oss-security] 20090724 md raid null ptr dereference (when sysfs is writable)

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.30.y.git%3Ba=commit%3Bh=3c92900d9a4afb176d3de335dc0da0198660a244

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.