oss-sec: CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

oss-sec mailing list archives

CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

From: Eugene Teo <eugene () redhat com>
Date: Tue, 03 Nov 2009 18:54:05 +0800

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and

pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointercould be released by other processes before it is used to update thepipe's reader and writer counters. This could lead to a local denial ofservice or privilege escalation.


http://lkml.org/lkml/2009/10/14/184
http://lkml.org/lkml/2009/10/21/42
http://git.kernel.org/linus/ad3960243e55320d74195fb85c975e0a8cc4466c
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3547

Thanks, Eugene
--
Eugene Teo / Red Hat Security Response Team

By Date By Thread

Current thread:

CVE-2009-3547 kernel: fs: pipe.c null pointer dereference Eugene Teo (Nov 03)