CVE-2009-4226 — Race Condition in Opensolaris

CWE-362 — Race Condition3 documents3 sources

Severity

7.1HIGHNVD

EPSS

0.6%

top 30.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Opensolaris

Timeline

PublishedDec 8

Latest updateMay 2

Description

Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors related to the (1) tcp_do_getsockname or (2) tcp_do_getpeername function.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

▶NVDsun/opensolaris19 versions+18

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-vqf5-cc9g-wm93: Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL po↗2022-05-02

▶

CVEList

CVE-2009-4226: Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL po↗2009-12-08

▶