CVE-2009-3288
Published: Sep 22, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Type | Source tag |
|---|---|---|
| [linux-kernel] 20090903 [PATCH] sg: fix oops in the error path in sg_build_indirect() | mailing-list | x_refsource_MLIST |
| [oss-security] 20090904 CVE request: kernel: NULL pointer dereference in sg_build_indirect() | mailing-list | x_refsource_MLIST |
| USN-852-1 | vendor-advisory | x_refsource_UBUNTU |
| [linux-kernel] 20090902 [BUG] 2.6.31-rc8 readcd Oops | mailing-list | x_refsource_MLIST |
| 37105 | third-party-advisory | x_refsource_SECUNIA |