CVE-2009-3547

Published: 04 November 2009

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

Priority

Medium

CVSS 3 base score: 7.0

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.32~rc6)
Patches:
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ad3960243e55320d74195fb85c975e0a8cc4466c
linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.32~rc6)