CVE-2009-3620

CWE-476 — NULL Pointer Dereference CWE-908 — Use of Uninitialized Resource CWE-20 — Improper Input Validation6 documents6 sources

Severity

7.8HIGH

EPSS

0.1%

top 74.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

8

Linux Linux Kernel Canonical Ubuntu Linux Fedoraproject Fedora +5 more

Timeline

PublishedOct 22

Latest updateMay 2

Description

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

▶NVDlinux/linux_kernel< 2.6.31.1

▶NVDsuse/linux_enterprise_server10, 8+1

▶NVDsuse/linux_enterprise_desktop10

▶NVDsuse/linux_enterprise_debuginfo10

▶NVDopensuse/opensuse11.0

Also affects: Ubuntu Linux 6.06, 8.04, 8.10, 9.04, 9.10, Fedora 10

Patches

Patch: www.kernel.org ↗Patch: www.openwall.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

2

GHSA

GHSA-rgrv-jr8m-xv3m: The ATI Rage 128 (aka r128) driver in the Linux kernel before 2↗2022-05-02

▶

CVEList

CVE-2009-3620: The ATI Rage 128 (aka r128) driver in the Linux kernel before 2↗2009-10-22

▶

📋Vendor Advisories

2

Ubuntu

Linux kernel vulnerabilities↗2009-12-05

▶

Red Hat

kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised↗2009-08-30

▶

💬Community

1

Bugzilla

CVE-2009-3620 kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised↗2009-10-19

▶

CVE-2009-3620 (HIGH CVSS 7.8) | The ATI Rage 128 (aka r128) driver | cvebase.io