CVE-2009-3234
Published 2009-09-17
CVE-2009-3234: Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash)…
Priority: P427 medium, 4.9 (CVSS 2.0)
AV:L/AC:L/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 1.80% (75.7th percentile)
Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | — | — |
CVSS provenance
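| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.9 | MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
| vendor_redhat | — | 4.9 | MEDIUM | — |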
Red Hat
CVE-2009-3234: Buffer overflow in the perf_copy_attr function in kernel/perf_counter
vendor_redhat·CVSS 4.9
CVE-2009-3234 [MEDIUM] CVE-2009-3234: Buffer overflow in the perf_copy_attr function in kernel/perf_counter
Statement: Not vulnerable. This issue only affected kernels version v2.6.31-rc1 and later. Therefore this issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG.
GHSA
GHSA-w34v-rr2h-4v99: Buffer overflow in the perf_copy_attr function in kernel/perf_counter
ghsa_unreviewed·2022-05-02
CVE-2009-3234 [MEDIUM] CWE-119 GHSA-w34v-rr2h-4v99: Buffer overflow in the perf_copy_attr function in kernel/perf_counter
http://article.gmane.org/gmane.linux.kernel/890654
http://www.openwall.com/lists/oss-security/2009/09/16/1
http://www.openwall.com/lists/oss-security/2009/09/17/13
http://www.securityfocus.com/bid/36423
Published: 2009-09-17