CVE-2009-3080

CVSS v2.0 7.2 (High)

EPSS 0.05 % (21^th)

Affected Products 13

Advisories 3

Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

Weaknesses

CWE-129: Improper Validation of Array Index

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2009-11-20 17:30:00
(15 years ago)
Updated Date: 2023-02-13 02:20:25
(19 months ago)

Affected Products

Redhat

Suse

Vmware

Configuration #1

	CPE23	Up To
Linux Kernel 2.6.31.6 and prior versions	cpe:2.3:o:linux:linux_kernel	<= 2.6.31.6
Linux Kernel 2.6.32	cpe:2.3:o:linux:linux_kernel:2.6.32:-
Linux Kernel 2.6.32 Rc1	cpe:2.3:o:linux:linux_kernel:2.6.32:rc1
Linux Kernel 2.6.32 Rc3	cpe:2.3:o:linux:linux_kernel:2.6.32:rc3
Linux Kernel 2.6.32 Rc4	cpe:2.3:o:linux:linux_kernel:2.6.32:rc4
Linux Kernel 2.6.32 Rc5	cpe:2.3:o:linux:linux_kernel:2.6.32:rc5

Configuration #2

		CPE23	From	Up To
	Opensuse 11.1	cpe:2.3:o:opensuse:opensuse:11.1
	Opensuse 11.2	cpe:2.3:o:opensuse:opensuse:11.2
	Suse Linux Enterprise Desktop 10 SP2	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2
	Suse Linux Enterprise Desktop 10 SP3	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3
	Suse Linux Enterprise Server 10 SP2	cpe:2.3:o:suse:linux_enterprise_server:10:sp2:::-
	Suse Linux Enterprise Server 10 SP3	cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-

Configuration #3

		CPE23	From	Up To
	Debian Linux 4.0	cpe:2.3:o:debian:debian_linux:4.0

Configuration #4

		CPE23	From	Up To
	Canonical Ubuntu Linux 6.06	cpe:2.3:o:canonical:ubuntu_linux:6.06
	Canonical Ubuntu Linux 8.04	cpe:2.3:o:canonical:ubuntu_linux:8.04
	Canonical Ubuntu Linux 8.10	cpe:2.3:o:canonical:ubuntu_linux:8.10
	Canonical Ubuntu Linux 9.04	cpe:2.3:o:canonical:ubuntu_linux:9.04
	Canonical Ubuntu Linux 9.10	cpe:2.3:o:canonical:ubuntu_linux:9.10

Configuration #5

		CPE23	From	Up To
	Vmware Esx 3.5	cpe:2.3:o:vmware:esx:3.5

Configuration #6

		CPE23	From	Up To
	Redhat Virtualization 5.0	cpe:2.3:a:redhat:virtualization:5.0
	Redhat Enterprise Linux Desktop 5.0	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
	Redhat Enterprise Linux Eus 5.4	cpe:2.3:o:redhat:enterprise_linux_eus:5.4
	Redhat Enterprise Linux Server 5.0	cpe:2.3:o:redhat:enterprise_linux_server:5.0
	Redhat Enterprise Linux Server Workstation 5.0	cpe:2.3:o:redhat:enterprise_linux_server_workstation:5.0

Configuration #7

		CPE23	From	Up To
	Redhat Fedora 10	cpe:2.3:o:redhat:fedora:10