ID CVE-2009-0747
Summary The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc2:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc2:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc3:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc4:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc4:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc5:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc5:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc6:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc6:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc7:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc7:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc8:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc8:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27:rc9:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27:rc9:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:rc1:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:rc1:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:rc2:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:rc2:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:rc3:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:rc4:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:rc4:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:rc5:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:rc5:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:rc6:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:rc6:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28:rc7:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28:rc7:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 10-10-2018 - 19:30)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
oval via4
  • accepted 2014-01-20T04:01:40.485-05:00
    class vulnerability
    contributors
    • name Pai Peng
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    comment VMware ESX Server 4.0 is installed
    oval oval:org.mitre.oval:def:6293
    description The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
    family unix
    id oval:org.mitre.oval:def:8585
    status accepted
    submitted 2010-03-19T16:57:59.000-04:00
    title VMware kernel ext4_isize function vulnerability
    version 7
  • accepted 2013-04-29T04:18:28.295-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
    family unix
    id oval:org.mitre.oval:def:9200
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
    version 18
redhat via4
advisories
rhsa
id RHSA-2009:1243
rpms
  • kernel-0:2.6.18-164.el5
  • kernel-PAE-0:2.6.18-164.el5
  • kernel-PAE-devel-0:2.6.18-164.el5
  • kernel-debug-0:2.6.18-164.el5
  • kernel-debug-devel-0:2.6.18-164.el5
  • kernel-devel-0:2.6.18-164.el5
  • kernel-doc-0:2.6.18-164.el5
  • kernel-headers-0:2.6.18-164.el5
  • kernel-kdump-0:2.6.18-164.el5
  • kernel-kdump-devel-0:2.6.18-164.el5
  • kernel-xen-0:2.6.18-164.el5
  • kernel-xen-devel-0:2.6.18-164.el5
refmap via4
bugtraq 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
confirm
debian DSA-1749
secunia
  • 34394
  • 36562
  • 37471
ubuntu USN-751-1
vupen
  • ADV-2009-0509
  • ADV-2009-3316
statements via4
contributor Tomas Hoger
lastmodified 2009-09-02
organization Red Hat
statement This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and Red Hat Enterprise MRG. This issue was addressed in Red Hat Enterprise Linux 5 by https://rhn.redhat.com/errata/RHSA-2009-1243.html
Last major update 10-10-2018 - 19:30
Published 27-02-2009 - 17:30
Back to Top