CVE: CVE-2009-2768

Export to Word

The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer."

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

S10 – Denial of Service

EPSS

Score: 0.00085
Percentile: 0.25681

CVSS Scoring

CVSS v3.1 Score: 7.8

Severity: HIGH

Mapped CWE(s)

CWE-476 : NULL Pointer Dereference
CWE-824 : Access of Uninitialized Pointer

Affected Products

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.31:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.31:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*

← Back to Home