CVE-2009-0322
Publication date 28 January 2009
Last updated 24 July 2024
Ubuntu priority
drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.
From the Ubuntu Security Team
The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 8.10 intrepid |
Fixed 2.6.27-11.31
|
8.04 LTS hardy |
Fixed 2.6.24-23.52
|
|
7.10 gutsy | Not in release | |
6.06 LTS dapper | Not in release | |
linux-source-2.6.15 | 8.10 intrepid | Not in release |
8.04 LTS hardy | Not in release | |
7.10 gutsy | Not in release | |
6.06 LTS dapper |
Fixed 2.6.15-54.76
|
|
linux-source-2.6.22 | 8.10 intrepid | Not in release |
8.04 LTS hardy | Not in release | |
7.10 gutsy |
Fixed 2.6.22-16.62
|
|
6.06 LTS dapper | Not in release |