CVE-2009-4021 in Ubuntu

CVE-2009-4021

Priority

Medium

Description

The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the
Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of
service (invalid pointer dereference and OOPS) via vectors possibly related
to a memory-consumption attack.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4021
http://www.ubuntu.com/usn/usn-894-1

Bugs

https://bugzilla.redhat.com/show_bug.cgi?id=538734

Assigned-to

ogasawara

Package

Source: linux-source-2.6.15 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	DNE
Ubuntu 10.04 LTS (Lucid Lynx):	DNE

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (2.6.31)
Ubuntu 8.04 LTS (Hardy Heron):	released (2.6.24-27.65)
Ubuntu 10.04 LTS (Lucid Lynx):	not-affected

Patches:

Upstream:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f60311d5f7670d9539b424e4ed8b5c0872fc9e83

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2012-06-01 15:20:23 UTC (commit 5347)