CVE-2009-3288

Publication date 22 September 2009

Last updated 24 July 2024

Ubuntu priority

The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux-source-2.6.15	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not affected
linux	9.04 jaunty	Fixed 2.6.28-16.55
	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Proposed: http://lkml.org/lkml/2009/9/3/107

References

Related Ubuntu Security Notices (USN)

USN-852-1
Linux kernel vulnerabilities
22 October 2009

CVE-2009-3288

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references