admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-07xx/CVE-2009-0787.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

199 lines
6.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-0787",
"sourceIdentifier": "secalert@redhat.com",
"published": "2009-03-25T01:30:00.453",
"lastModified": "2023-02-13T02:19:42.450",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory."
},
{
"lang": "es",
"value": "La funci\u00f3n ecryptfs_write_metadata_to_contents en la funcionalidad eCryptfs en el kernel Linux v2.6.28 anterior a v2.6.28.9 emplea un tama\u00f1o incorrecto cuando escribe de la memoria del kernel a la cabecera del archivo eCryptfs, lo que dispara una lectura fuera de rango y permite a usuarios locales obtener porciones d la memoria del kernel."
}
],
"vendorComments": [
{
"organization": "Red Hat",
"comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG.\n\nIt was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2009-0473.html .",
"lastModified": "2009-05-19T00:00:00"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-189"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*",
"matchCriteriaId": "26BD805F-08EB-42EC-BC54-26A7278E5089"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*",
"matchCriteriaId": "217715A5-E69D-45C0-B8E4-5681528C651B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A87AD66C-4321-4459-8556-3B0BA38C493A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87A347E0-9C0B-4674-9363-3C36DA27AC45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8E0F3DF0-6BD0-4560-9A13-C6493939D8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE1DF7-99CB-416B-B6F9-EC40FBD7D1C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B93AF773-FBB4-4A4A-ADD5-ADA40C24CD36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38A55F08-88A9-42D5-A2B1-8B8C0D6DED09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3975EC77-D33D-4167-91BE-08237C3EE9D0"
}
]
}
]
}
],
"references": [
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8faece5f906725c10e7a1f6caf84452abadbdc7b",
"source": "secalert@redhat.com"
},
{
"url": "http://osvdb.org/52860",
"source": "secalert@redhat.com"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/34422",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/35015",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/37471",
"source": "secalert@redhat.com"
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.9",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/34216",
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "http://www.securitytracker.com/id?1022177",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0802",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/3316",
"source": "secalert@redhat.com"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49355",
"source": "secalert@redhat.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11068",
"source": "secalert@redhat.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8319",
"source": "secalert@redhat.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink