CVE-2009-3043
published 2009-09-02CVE-2009-3043: The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service…
PriorityP418medium4.9CVSS 2.0
AVLACLAuNCNINAC
EXPLOIT
EPSS
0.85%
53.6th percentile
The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c.
Affected
313 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | <= 2.6.31 | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.04.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
vendor_redhat4.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j6rr-99wm-q9wm: The tty_ldisc_hangup function in drivers/char/tty_ldisc
ghsa_unreviewed·2022-05-02
CVE-2009-3043 [MEDIUM] GHSA-j6rr-99wm-q9wm: The tty_ldisc_hangup function in drivers/char/tty_ldisc
The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c.
Red Hat
CVE-2009-3043: The tty_ldisc_hangup function in drivers/char/tty_ldisc
vendor_redhat·CVSS 4.9
CVE-2009-3043 [MEDIUM] CVE-2009-3043: The tty_ldisc_hangup function in drivers/char/tty_ldisc
The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c.
Statement: Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG, as they do not contain a backport of the tty ldisc rewrite (upstream commits 65b770468e98 and cbe9352fa08f).
No detection rules found.
No writeups or analysis indexed.
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5c58ceff103d8a654f24769bb1baaf84a841b0cchttp://lkml.org/lkml/2009/8/20/21http://lkml.org/lkml/2009/8/20/27http://lkml.org/lkml/2009/8/20/68http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc8http://www.openwall.com/lists/oss-security/2009/08/31/1http://www.openwall.com/lists/oss-security/2009/09/03/6http://www.openwall.com/lists/oss-security/2009/09/03/7http://www.securityfocus.com/bid/36191http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5c58ceff103d8a654f24769bb1baaf84a841b0cchttp://lkml.org/lkml/2009/8/20/21http://lkml.org/lkml/2009/8/20/27http://lkml.org/lkml/2009/8/20/68http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc8http://www.openwall.com/lists/oss-security/2009/08/31/1http://www.openwall.com/lists/oss-security/2009/09/03/6http://www.openwall.com/lists/oss-security/2009/09/03/7http://www.securityfocus.com/bid/36191
2009-09-02
Published