NVD Vulnerability Detail

CVE-2009-3547

Summary	Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Publication Date	Nov. 5, 2009, 12:30 a.m.
Registration Date	Jan. 29, 2021, 1:24 p.m.
Last Update	Feb. 16, 2024, 6:12 a.m.

CVSS3.1 : HIGH
スコア	7.0
Vector	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	高
攻撃に必要な特権レベル(PR)	低
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高

CVSS2.0 : MEDIUM
Score	6.9
Vector	AV:L/AC:M/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel:2.6.32:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc5::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:-::::::
cpe:2.3:o:linux:linux_kernel::::::::		2.6.31.14

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:novell:linux_desktop:9:::::::*
cpe:2.3:o:opensuse:opensuse:11.0:::::::*
cpe:2.3:o:opensuse:opensuse:11.2:::::::*
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2::::::
cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2::::::

Configuration3	or higher	or less	more than	less than
cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::*
cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:8.04:::::::*
cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

Configuration4		or higher	or less	more than	less than
cpe:2.3:o:fedoraproject:fedora:10:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:o:vmware:esx:4.0:::::::*
cpe:2.3:a:vmware:vma:4.0:::::::*

Configuration6	or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:5.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:4.8:::::::*
cpe:2.3:a:redhat:mrg_realtime:1.0:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	https://rhn.redhat.com/errata/RHSA-2009-1540.html	REDHAT	Third Party Advisory
2	http://lkml.org/lkml/2009/10/21/42	MLIST	Mailing List Patch
3	http://www.securityfocus.com/bid/36901	BID	Broken Link Exploit Third Party Advisory VDB Entry
4	http://lkml.org/lkml/2009/10/14/184	MLIST	Exploit Mailing List
5	https://bugzilla.redhat.com/show_bug.cgi?id=530490	CONFIRM	Issue Tracking Patch Third Party Advisory
6	http://marc.info/?l=oss-security&m=125724568017045&w=2	MLIST	Mailing List Third Party Advisory
7	https://rhn.redhat.com/errata/RHSA-2009-1548.html	REDHAT	Third Party Advisory
8	https://rhn.redhat.com/errata/RHSA-2009-1541.html	REDHAT	Third Party Advisory
9	https://rhn.redhat.com/errata/RHSA-2009-1550.html	REDHAT	Third Party Advisory
10	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html	SUSE	Mailing List Third Party Advisory
11	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html	SUSE	Mailing List Third Party Advisory
12	http://secunia.com/advisories/37351	SECUNIA	Broken Link
13	https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html	FEDORA	Mailing List
14	http://www.mandriva.com/security/advisories?name=MDVSA-2009:329	MANDRIVA	Broken Link
15	http://www.redhat.com/support/errata/RHSA-2009-1672.html	REDHAT	Broken Link
16	http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html	SUSE	Mailing List Third Party Advisory
17	http://secunia.com/advisories/38017	SECUNIA	Broken Link
18	http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html	SUSE	Broken Link Mailing List Third Party Advisory
19	http://www.ubuntu.com/usn/usn-864-1	UBUNTU	Third Party Advisory
20	http://secunia.com/advisories/38794	SECUNIA	Broken Link
21	http://www.vupen.com/english/advisories/2010/0528	VUPEN	Broken Link
22	http://lists.vmware.com/pipermail/security-announce/2010/000082.html	MLIST	Mailing List Third Party Advisory
23	http://secunia.com/advisories/38834	SECUNIA	Broken Link
24	http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6	CONFIRM	Broken Link
25	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327	OVAL	Broken Link Third Party Advisory
26	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608	OVAL	Broken Link Third Party Advisory
27	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513	OVAL	Broken Link Third Party Advisory
28	http://www.securityfocus.com/archive/1/512019/100/0/threaded	BUGTRAQ	Broken Link Third Party Advisory VDB Entry
29	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c	MISC	Broken Link

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-362	競合状態	https://cwe.mitre.org/data/definitions/362.html
2	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html
3	CWE-672	有効期限後または解放後のリソースの操作	https://cwe.mitre.org/data/definitions/672.html

JVN Vulnerability Information

Linux kernel における競合状態の脆弱性

Title	Linux kernel における競合状態の脆弱性
Summary	Linux kernel には、/proc/*/fd/ パス名を通して匿名パイプを開こうとすることによる競合状態の脆弱性が存在します。
Possible impacts	ローカルユーザにサービス運用妨害 (DoS) 状態にされる、または権限を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Nov. 3, 2009, midnight
Registration Date	Dec. 14, 2009, 12:32 p.m.
Last Update	Feb. 16, 2010, 11:44 a.m.

Affected System

レッドハット

Red Hat Enterprise Linux 3 (as)

Red Hat Enterprise Linux 3 (es)

Red Hat Enterprise Linux 3 (ws)

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.7 (as)

Red Hat Enterprise Linux 4.7 (es)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 3.0

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 5.0 (client)

Red Hat Enterprise Linux EUS 5.2.z (server)

Red Hat Enterprise Linux EUS 5.3.z (server)

Red Hat Enterprise Linux EUS 5.4.z (server)

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

Asianux Server 4.0

Asianux Server 4.0 (x86-64)

Linux

Linux Kernel 2.6.32-rc6 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2009-3547	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
National Vulnerability Database (NVD)
2	CVE-2009-3547	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3547

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-362	https://jvndb.jvn.jp/ja/cwe/CWE-362.html

ベンダー情報

No	Name	URL
Asianux Technical Support Network
1	kernel-2.6.18-128.13AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=804
Linux Kernel
2	ChangeLog-2.4.37.7	http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.7
3	ChangeLog-2.6.27.39	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.39
4	ChangeLog-2.6.31.6	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.6
MIRACLE LINUX アップデート情報
5	1825	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1825
6	1835	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1835
7	1992	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1992
Red Hat Security Advisory
8	RHSA-2009:1540	https://rhn.redhat.com/errata/RHSA-2009-1540.html
9	RHSA-2009:1541	https://rhn.redhat.com/errata/RHSA-2009-1541.html
10	RHSA-2009:1548	https://rhn.redhat.com/errata/RHSA-2009-1548.html
11	RHSA-2009:1550	https://rhn.redhat.com/errata/RHSA-2009-1550.html
12	RHSA-2009:1587	https://rhn.redhat.com/errata/RHSA-2009-1587.html
13	RHSA-2009:1588	https://rhn.redhat.com/errata/RHSA-2009-1588.html
14	RHSA-2009:1672	https://rhn.redhat.com/errata/RHSA-2009-1672.html
レッドハットセキュリティーアップデート
15	RHSA-2009:1541	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1541J.html
16	RHSA-2009:1548	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1548J.html
17	RHSA-2009:1550	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1550J.html

その他

No	Name	URL
Secunia Advisory
1	SA37233	http://secunia.com/advisories/37233
2	SA37296	http://secunia.com/advisories/37296
SecurityFocus
3	36901	http://www.securityfocus.com/bid/36901
VUPEN Security
4	VUPEN/ADV-2009-3136	http://www.vupen.com/english/advisories/2009/3136

Change Log

No	Changed Details	Date of change
0	[2009年12月14日] 掲載 [2010年01月21日] 影響を受けるシステム：ミラクル・リナックス (kernel-2.6.18-128.13AXS3) の情報を追加影響を受けるシステム：ミラクル・リナックス (1835) の情報を追加影響を受けるシステム：レッドハット (RHSA-2009:1672) の情報を追加影響を受けるシステム：レッドハット (RHSA-2009:1587) の情報を追加影響を受けるシステム：レッドハット (RHSA-2009:1588) の情報を追加ベンダ情報：ミラクル・リナックス (kernel-2.6.18-128.13AXS3) を追加ベンダ情報：ミラクル・リナックス (1835) を追加ベンダ情報：レッドハット (RHSA-2009:1672) を追加ベンダ情報：レッドハット (RHSA-2009:1587) を追加ベンダ情報：レッドハット (RHSA-2009:1588) を追加 [2010年02月16日] ベンダ情報：ミラクル・リナックス (1992) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel:2.6.32:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc5::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.32:-::::::
cpe:2.3:o:linux:linux_kernel::::::::		2.6.31.14

Configuration6	or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:5.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:4.8:::::::*
cpe:2.3:a:redhat:mrg_realtime:1.0:::::::*