CVE - CVE-2009-1961

CVE-ID
CVE-2009-1961	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:35143 URL:http://www.securityfocus.com/bid/35143 CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=7bfac9ecf0585962fe13584f5cf526d8c8e76f17 DEBIAN:DSA-1844 URL:http://www.debian.org/security/2009/dsa-1844 MANDRIVA:MDVSA-2009:135 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:135~~ (Obsolete source) MANDRIVA:MDVSA-2009:148 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:148~~ (Obsolete source) MLIST:[oss-security] 20090529 CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/05/29/2 MLIST:[oss-security] 20090530 Re: CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/05/30/1 MLIST:[oss-security] 20090602 Re: CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/06/02/2 MLIST:[oss-security] 20090603 Re: CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/06/03/1 REDHAT:RHSA-2009:1157 URL:http://www.redhat.com/support/errata/RHSA-2009-1157.html SECTRACK:1022307 URL:http://securitytracker.com/id?1022307 SECUNIA:35390 URL:http://secunia.com/advisories/35390 SECUNIA:35394 URL:http://secunia.com/advisories/35394 SECUNIA:35656 URL:http://secunia.com/advisories/35656 SECUNIA:35847 URL:http://secunia.com/advisories/35847 SECUNIA:36051 URL:http://secunia.com/advisories/36051 SUSE:SUSE-SA:2009:030 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html SUSE:SUSE-SA:2009:031 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html SUSE:SUSE-SA:2009:038 URL:http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html UBUNTU:USN-793-1 URL:http://www.ubuntu.com/usn/usn-793-1
Assigning CNA
MITRE Corporation
Date Record Created
20090606	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090606)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)