CVE-2009-1914
published 2009-06-04CVE-2009-1914: The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause…
PriorityP416medium4.9CVSS 2.0
AVLACLAuNCNINAC
EXPLOIT
EPSS
0.67%
47.5th percentile
The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.
Affected
291 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | <= 2.6.28.10 | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.04.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
vendor_redhat4.9MEDIUM
vendor_ubuntu4.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2009-07-02·CVSS 4.9
CVE-2009-1242 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Linux kernel vulnerabilities
Igor Zhbanov discovered that NFS clients were able to create device nodes
even when root_squash was enabled. An authenticated remote attacker
could create device nodes with open permissions, leading to a loss of
privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were
affected. (CVE-2009-1072)
Dan Carpenter discovered that SELinux did not correctly handle
certain network checks when running with compat_net=1. A local
attacker could exploit this to bypass network checks. Default Ubuntu
installations do not enable SELinux, and only Ubuntu 8.10 and 9.04 were
affected. (CVE-2009-1184)
Shaohua Li discovered that memory was not correctly initialized in the
AGP subsystem. A local attacker could potentially re
Red Hat
CVE-2009-1914: The pci_register_iommu_region function in arch/sparc/kernel/pci_common
vendor_redhat·CVSS 4.9
CVE-2009-1914 [MEDIUM] CVE-2009-1914: The pci_register_iommu_region function in arch/sparc/kernel/pci_common
The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.
Statement: Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG. Red Hat does not provide support for the Linux kernel on the SPARC64 architecture.
GHSA
GHSA-g43q-mc2v-h35w: The pci_register_iommu_region function in arch/sparc/kernel/pci_common
ghsa_unreviewed·2022-05-02
CVE-2009-1914 [MEDIUM] CWE-20 GHSA-g43q-mc2v-h35w: The pci_register_iommu_region function in arch/sparc/kernel/pci_common
The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.
No detection rules found.
No writeups or analysis indexed.
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043chttp://osvdb.org/54908http://secunia.com/advisories/35656http://secunia.com/advisories/36051http://www.debian.org/security/2009/dsa-1844http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29http://www.openwall.com/lists/oss-security/2009/06/03/3http://www.securityfocus.com/bid/35415http://www.ubuntu.com/usn/usn-793-1https://exchange.xforce.ibmcloud.com/vulnerabilities/51196http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043chttp://osvdb.org/54908http://secunia.com/advisories/35656http://secunia.com/advisories/36051http://www.debian.org/security/2009/dsa-1844http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29http://www.openwall.com/lists/oss-security/2009/06/03/3http://www.securityfocus.com/bid/35415http://www.ubuntu.com/usn/usn-793-1https://exchange.xforce.ibmcloud.com/vulnerabilities/51196
2009-06-04
Published