CVE DATABASE / CVE-2009-0269
CVE-2009-0269
CVSS 4.9 · MEDIUM
Summary
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.
CVSS 2.0 breakdown
| Base score | 4.9 (MEDIUM) |
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:C |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Confidentiality | NONE |
| Integrity | NONE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
Linux linux kernelOpensuse opensuseDebian debian linuxCanonical ubuntu linux
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=a17d5232de7b53d34229de79ec22f4bb04adb7e4
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
- http://secunia.com/advisories/33758
- http://secunia.com/advisories/34394
- http://secunia.com/advisories/34502
- http://secunia.com/advisories/34981
- http://secunia.com/advisories/35390
- http://secunia.com/advisories/35394
- http://secunia.com/advisories/37471
- http://www.debian.org/security/2009/dsa-1749
- http://www.debian.org/security/2009/dsa-1787
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.1
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:118
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.