CVE-2009-4141 - Vulnerability Details

Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00117.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux Enterprise Mrg Rhel Eus

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::rc4::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.8:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.8.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.9:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.10:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.8:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.9:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.10:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.11:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.11.12:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.12.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.13:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.13.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.13.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.13.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.13.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.13.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.14:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.14.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.14.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.14.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.14.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.14.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.14.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.15.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.8:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.16.9:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.10:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.14:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.15:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.16:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.17:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.18:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.19:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.20:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.21:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.22:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.23:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.24:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.25:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.26:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.27:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.28:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.29:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.30:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.31:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.9:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.10:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.14:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.23:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.23.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.24:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.24:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.24:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.24:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.24:rc5::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.32.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.32.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.32.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.32.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.33:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.33:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.33:rc3::::::

Package	CPE	Advisory	Released Date
MRG for RHEL-5
kernel-rt-0:2.6.24.7-149.el5rt	cpe:/a:redhat:enterprise_mrg:1::el5	RHSA-2010:0161	2010-03-23T00:00:00Z
Red Hat Enterprise Linux 5
kernel-0:2.6.18-164.11.1.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2010:0046	2010-01-19T00:00:00Z
Red Hat Enterprise Linux 5.3.Z - Server Only
kernel-0:2.6.18-128.14.1.el5	cpe:/o:redhat:rhel_eus:5.3	RHSA-2010:0149	2010-03-17T00:00:00Z

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2009-4111	Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file.
Ubuntu USN	USN-894-1	Linux kernel vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0252.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53281b6d34d44308372d16acb7fb5327609f68b6
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html
http://lock.cmpxchg8b.com/5ebe2294ecd0e0f08eab7690d2a6ee69/create_elf_tables.c
http://secunia.com/advisories/38199
http://secunia.com/advisories/39033
http://support.avaya.com/css/P8/documents/100073666
http://twitter.com/taviso/statuses/7744108017
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.33-rc4-git1.bz2
http://www.redhat.com/support/errata/RHSA-2010-0161.html
http://www.securityfocus.com/bid/37806
https://bugzilla.redhat.com/show_bug.cgi?id=547906
https://nvd.nist.gov/vuln/detail/CVE-2009-4141
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7054
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9201
https://rhn.redhat.com/errata/RHSA-2010-0046.html
https://rhn.redhat.com/errata/RHSA-2010-0095.html
https://www.cve.org/CVERecord?id=CVE-2009-4141

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-01-19T16:00:00

Updated: 2024-08-07T06:54:09.581Z

Reserved: 2009-12-01T00:00:00

Link: CVE-2009-4141

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2010-01-19T16:30:00.930

Modified: 2025-04-11T00:51:21.963

Link: CVE-2009-4141

Redhat

Severity : Important

Publid Date: 2009-12-16T00:00:00Z

Links: CVE-2009-4141 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object