1. Home
  2. Vulnerabilities
  3. CVE-2009-3620

CVE-2009-3620

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 4.9 (Medium)
49% Progress
EPSS 0.04 % (13th)
0.04% Progress
Affected Products 8
Advisories 10
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.

Weaknesses
CWE-476
NULL Pointer Dereference
CWE-908
Use of Uninitialized Resource
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2009-10-22 16:00:00
(15 years ago)
Updated Date
2024-02-09 00:20:34
(7 months ago)

Affected Products

Canonical

Fedoraproject

Linux

Opensuse

Redhat

Suse

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 2.6.31.1 version cpe:2.3:o:linux:linux_kernel < 2.6.31.1

Configuration #2

    CPE23 From Up To
  Fedoraproject Fedora 10 cpe:2.3:o:fedoraproject:fedora:10

Configuration #3

    CPE23 From Up To
  Canonical Ubuntu Linux 6.06 cpe:2.3:o:canonical:ubuntu_linux:6.06
  Canonical Ubuntu Linux 8.04 cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-
  Canonical Ubuntu Linux 8.10 cpe:2.3:o:canonical:ubuntu_linux:8.10
  Canonical Ubuntu Linux 9.04 cpe:2.3:o:canonical:ubuntu_linux:9.04
  Canonical Ubuntu Linux 9.10 cpe:2.3:o:canonical:ubuntu_linux:9.10

Configuration #4

    CPE23 From Up To
  Redhat Mrg Realtime 1.0 cpe:2.3:a:redhat:mrg_realtime:1.0

Configuration #5

    CPE23 From Up To
  Suse Linux Enterprise Debuginfo 10 SP2 cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2
  Suse Linux Enterprise Debuginfo 10 SP3 cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp3
  Opensuse 11.0 cpe:2.3:o:opensuse:opensuse:11.0
  Suse Linux Enterprise Desktop 10 SP2 cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2
  Suse Linux Enterprise Desktop 10 SP3 cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3
  Suse Linux Enterprise Server 8 cpe:2.3:o:suse:linux_enterprise_server:8
  Suse Linux Enterprise Server 10 SP2 cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:-
  Suse Linux Enterprise Server 10 SP3 cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-