CVE-2009-2406

CWE-119Buffer OverflowCWE-130CWE-122Heap-based Buffer Overflow6 documents6 sources
Severity
6.9MEDIUM
EPSS
0.3%
top 45.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux Linux KernelLinux Kernel
Timeline
PublishedJul 31
Latest updateMay 2

Description

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages2 packages

NVDlinux/linux_kernel2.6.30.3+255
NVDlinux/kernel2.6.24.7, 2.6.25.15+1

Patches

Patch: www.debian.orgPatch: www.debian.orgPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-86jh-hvhg-x8w9: Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore2022-05-02
CVEList
CVE-2009-2406: Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore2009-07-31

📋Vendor Advisories

2
Red Hat
kernel: ecryptfs stack overflow in parse_tag_11_packet()2009-07-28
Ubuntu
Linux kernel vulnerabilities2009-07-28

💬Community

1
Bugzilla
CVE-2009-2406 kernel: ecryptfs stack overflow in parse_tag_11_packet()2009-07-21
CVE-2009-2406 (MEDIUM CVSS 6.9) | Stack-based buffer overflow in the | cvebase.io