CVE - CVE-2009-1961

CVE-ID
CVE-2009-1961	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[oss-security] 20090529 CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/05/29/2 MLIST:[oss-security] 20090530 Re: CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/05/30/1 MLIST:[oss-security] 20090602 Re: CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/06/02/2 MLIST:[oss-security] 20090603 Re: CVE request: kernel: splice local denial of service URL:http://www.openwall.com/lists/oss-security/2009/06/03/1 CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=7bfac9ecf0585962fe13584f5cf526d8c8e76f17 DEBIAN:DSA-1844 URL:http://www.debian.org/security/2009/dsa-1844 MANDRIVA:MDVSA-2009:135 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:135 MANDRIVA:MDVSA-2009:148 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:148 REDHAT:RHSA-2009:1157 URL:http://www.redhat.com/support/errata/RHSA-2009-1157.html SUSE:SUSE-SA:2009:030 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html SUSE:SUSE-SA:2009:031 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html SUSE:SUSE-SA:2009:038 URL:http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html UBUNTU:USN-793-1 URL:http://www.ubuntu.com/usn/usn-793-1 BID:35143 URL:http://www.securityfocus.com/bid/35143 SECTRACK:1022307 URL:http://securitytracker.com/id?1022307 SECUNIA:35390 URL:http://secunia.com/advisories/35390 SECUNIA:35394 URL:http://secunia.com/advisories/35394 SECUNIA:36051 URL:http://secunia.com/advisories/36051 SECUNIA:35847 URL:http://secunia.com/advisories/35847 SECUNIA:35656 URL:http://secunia.com/advisories/35656
Assigning CNA
N/A
Date Entry Created
20090606	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090606)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org