CVE-2009-0859 - OpenCVE

The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a68e61e8ff2d46327a37b69056998b47745db6fa
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
http://marc.info/?l=git-commits-head&m=123387479500599&w=2
http://marc.info/?l=linux-kernel&m=120428209704324&w=2
http://marc.info/?l=linux-kernel&m=123309645625549&w=2
http://openwall.com/lists/oss-security/2009/03/06/1
http://patchwork.kernel.org/patch/6554/
http://secunia.com/advisories/34981
http://secunia.com/advisories/35011
http://secunia.com/advisories/35121
http://secunia.com/advisories/35185
http://secunia.com/advisories/35390
http://secunia.com/advisories/35394
http://www.debian.org/security/2009/dsa-1787
http://www.debian.org/security/2009/dsa-1794
http://www.debian.org/security/2009/dsa-1800
http://www.securityfocus.com/bid/34020
http://www.ubuntu.com/usn/usn-751-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/49229

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-03-09T21:00:00

Updated: 2024-08-07T04:48:52.590Z

Reserved: 2009-03-09T00:00:00

Link: CVE-2009-0859

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-03-09T21:30:00.343

Modified: 2023-11-07T02:03:45.840

Link: CVE-2009-0859

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-01-27T00:00:00", "descriptions": [{"lang": "en", "value": "The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "35390", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35390"}, {"name": "SUSE-SA:2009:028", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "linux-kernel-shmgetstat-dos(49229)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49229"}, {"name": "[linux-kernel] 20090127 [PATCH 1/2] fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=123309645625549&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a68e61e8ff2d46327a37b69056998b47745db6fa"}, {"name": "DSA-1794", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1794"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5"}, {"name": "SUSE-SA:2009:030", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "USN-751-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"name": "35185", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35185"}, {"name": "[git-commits-head] 20090205 shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=git-commits-head&m=123387479500599&w=2"}, {"name": "35011", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35011"}, {"name": "[linux-kernel] 20080229 [BUG] soft lockup detected with ipcs", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=120428209704324&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://patchwork.kernel.org/patch/6554/"}, {"name": "SUSE-SA:2009:031", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "34020", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34020"}, {"name": "34981", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "DSA-1787", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "35121", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35121"}, {"name": "[oss-security] 20090306 CVE request: kernel: shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2009/03/06/1"}, {"name": "35394", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35394"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0859", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "35390", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35390"}, {"name": "SUSE-SA:2009:028", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "linux-kernel-shmgetstat-dos(49229)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49229"}, {"name": "[linux-kernel] 20090127 [PATCH 1/2] fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "refsource": "MLIST", "url": "http://marc.info/?l=linux-kernel&m=123309645625549&w=2"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a68e61e8ff2d46327a37b69056998b47745db6fa", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a68e61e8ff2d46327a37b69056998b47745db6fa"}, {"name": "DSA-1794", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1794"}, {"name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5", "refsource": "CONFIRM", "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5"}, {"name": "SUSE-SA:2009:030", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "USN-751-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"name": "35185", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35185"}, {"name": "[git-commits-head] 20090205 shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "refsource": "MLIST", "url": "http://marc.info/?l=git-commits-head&m=123387479500599&w=2"}, {"name": "35011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35011"}, {"name": "[linux-kernel] 20080229 [BUG] soft lockup detected with ipcs", "refsource": "MLIST", "url": "http://marc.info/?l=linux-kernel&m=120428209704324&w=2"}, {"name": "http://patchwork.kernel.org/patch/6554/", "refsource": "CONFIRM", "url": "http://patchwork.kernel.org/patch/6554/"}, {"name": "SUSE-SA:2009:031", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "34020", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34020"}, {"name": "34981", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "DSA-1787", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "35121", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35121"}, {"name": "[oss-security] 20090306 CVE request: kernel: shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2009/03/06/1"}, {"name": "35394", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35394"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:48:52.590Z"}, "title": "CVE Program Container", "references": [{"name": "35390", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35390"}, {"name": "SUSE-SA:2009:028", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "linux-kernel-shmgetstat-dos(49229)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49229"}, {"name": "[linux-kernel] 20090127 [PATCH 1/2] fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=123309645625549&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a68e61e8ff2d46327a37b69056998b47745db6fa"}, {"name": "DSA-1794", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1794"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5"}, {"name": "SUSE-SA:2009:030", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "USN-751-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"name": "35185", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35185"}, {"name": "[git-commits-head] 20090205 shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=git-commits-head&m=123387479500599&w=2"}, {"name": "35011", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35011"}, {"name": "[linux-kernel] 20080229 [BUG] soft lockup detected with ipcs", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=120428209704324&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://patchwork.kernel.org/patch/6554/"}, {"name": "SUSE-SA:2009:031", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "34020", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34020"}, {"name": "34981", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "DSA-1787", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "35121", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35121"}, {"name": "[oss-security] 20090306 CVE request: kernel: shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2009/03/06/1"}, {"name": "35394", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35394"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0859", "datePublished": "2009-03-09T21:00:00", "dateReserved": "2009-03-09T00:00:00", "dateUpdated": "2024-08-07T04:48:52.590Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8326D9A2-64BB-4386-997C-17DC46C7242D", "versionEndIncluding": "2.6.28.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program."}, {"lang": "es", "value": "La funci\u00f3n shm_get_stat en ipc/shm.c del subsistema shm en el Kernell de Linux anteriores a v2.6.28.5, cuando CONFIG_SHMEM est\u00e1 desactivado, interpreta de forma err\u00f3nea el tipo de datos en un inode, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicios (cuelgue del sistema) a trav\u00e9s de una llamada shmctl SHM_INFO, como se ha demostrado ejecutando el programa ipcs.\r\n"}], "id": "CVE-2009-0859", "lastModified": "2023-11-07T02:03:45.840", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-03-09T21:30:00.343", "references": [{"source": "cve@mitre.org", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a68e61e8ff2d46327a37b69056998b47745db6fa"}, {"source": "cve@mitre.org", "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=git-commits-head&m=123387479500599&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=linux-kernel&m=120428209704324&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=linux-kernel&m=123309645625549&w=2"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2009/03/06/1"}, {"source": "cve@mitre.org", "url": "http://patchwork.kernel.org/patch/6554/"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/34981"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/35011"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/35121"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/35185"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/35390"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/35394"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1787"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1794"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1800"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34020"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49229"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, or Red Hat Enterprise MRG.", "lastModified": "2009-03-10T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}