CVE-2009-3288

Publication date 22 September 2009

Last updated 24 July 2024


Ubuntu priority

The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device.

Status

Package               Ubuntu Release    Status
linux                 9.04 jaunty       Fixed 2.6.28-16.55
linux                 8.10 intrepid     Not affected
linux                 8.04 LTS hardy    Not affected
linux                 6.06 LTS dapper   Not in release
linux-source-2.6.15   9.04 jaunty       Not in release
linux-source-2.6.15   8.10 intrepid     Not in release
linux-source-2.6.15   8.04 LTS hardy    Not in release
linux-source-2.6.15   6.06 LTS dapper   Not affected

Patch details

For informational purposes only. We recommend not to cherry-pick updates.

Package Patch details
linux

References

Related Ubuntu Security Notices (USN)

    • USN-852-1: Linux kernel vulnerabilities (22 October 2009)

Other references