CVE DATABASE / CVE-2009-3080
CVE-2009-3080
CVSS 7.2 · HIGH
Summary
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
CVSS 2.0 breakdown
| Base score | 7.2 (HIGH) |
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Confidentiality | COMPLETE |
| Integrity | COMPLETE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
Linux linux kernelOpensuse opensuseSuse linux enterprise desktopSuse linux enterprise serverDebian debian linuxCanonical ubuntu linuxVmware esxRedhat virtualizationRedhat enterprise linux desktopRedhat enterprise linux eusRedhat enterprise linux serverRedhat enterprise linux server workstationRedhat fedora
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=690e744869f3262855b83b4fb59199cf142765b0
- http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
- http://secunia.com/advisories/37435
- http://secunia.com/advisories/37720
- http://secunia.com/advisories/37909
- http://secunia.com/advisories/38017
- http://secunia.com/advisories/38276
- http://support.avaya.com/css/P8/documents/100073666
- http://www.debian.org/security/2010/dsa-2005
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc8
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:030
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.