PublicDateAtUSN: 2009-11-04
Candidate: CVE-2009-3547
PublicDate: 2009-11-04 15:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
 https://ubuntu.com/security/notices/USN-864-1
Description:
 Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6
 allow local users to cause a denial of service (NULL pointer dereference
 and system crash) or gain privileges by attempting to open an anonymous
 pipe via a /proc/*/fd/ pathname.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H [7.0 HIGH]

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: released (2.6.32~rc6)
dapper_linux-source-2.6.15: released (2.6.15-55.81)
hardy_linux-source-2.6.15: DNE
intrepid_linux-source-2.6.15: DNE
jaunty_linux-source-2.6.15: DNE
karmic_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux:
 upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ad3960243e55320d74195fb85c975e0a8cc4466c
upstream_linux: released (2.6.32~rc6)
dapper_linux: DNE
hardy_linux: released (2.6.24-26.64)
intrepid_linux: released (2.6.27-16.44)
jaunty_linux: released (2.6.28-17.58)
karmic_linux: released (2.6.31-16.52)
devel_linux: not-affected (2.6.32-3.4)