Vulnerability CVE-2009-0747 - CERT Civis.Net

Vulnerability Name:

CVE-2009-0747 (CCN-49071)

Assigned:

2009-01-07

Published:

2009-01-07

Updated:

2018-10-10

Summary:

The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
3.9 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.7 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.9 Medium (REDHAT CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
3.9 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: Kernel Bug Tracker Bug 12375
ext4_block_to_path block too big cause cpu to burn

Source: CONFIRM
Type: Patch
http://bugzilla.kernel.org/show_bug.cgi?id=12375

Source: MITRE
Type: CNA
CVE-2009-0747

Source: CCN
Type: Linux Kernel GIT Repository
ext4: only use i_size_high for regular files

Source: CONFIRM
Type: UNKNOWN
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=06a279d636734da32bb62dd2f7b0ade666f65d7c

Source: CONFIRM
Type: UNKNOWN
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.19

Source: CCN
Type: The Linux Kernel Archives Web site
ChangeLog-2.6.28.7

Source: CONFIRM
Type: UNKNOWN
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.7

Source: CCN
Type: RHSA-2009-1243
Important: Red Hat Enterprise Linux 5.4 kernel security and bug fix update

Source: REDHAT
Type: UNKNOWN
RHSA-2009:1243

Source: SECUNIA
Type: UNKNOWN
34394

Source: SECUNIA
Type: UNKNOWN
36562

Source: SECUNIA
Type: UNKNOWN
37471

Source: DEBIAN
Type: UNKNOWN
DSA-1749

Source: DEBIAN
Type: DSA-1749
linux-2.6 -- denial of service/privilege escalation/sensitive memory leak

Source: BUGTRAQ
Type: UNKNOWN
20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

Source: CCN
Type: USN-751-1
Linux kernel vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-751-1

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2009-0016.html

Source: VUPEN
Type: Vendor Advisory
ADV-2009-0509

Source: VUPEN
Type: UNKNOWN
ADV-2009-3316

Source: XF
Type: UNKNOWN
linux-kernel-ext4-mount-dos(49071)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:8585

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9200

Vulnerable Configuration:

Configuration 1:

cpe:/o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc4:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc5:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc6:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc8:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc9:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc4:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc5:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc6:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc5:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc6:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc8:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc5:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc4:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc9:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc4:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:rc6:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:29153	P	RHSA-2009:1243 -- Red Hat Enterprise Linux 5.4 kernel security and bug fix update (Important)	2015-08-17
oval:org.mitre.oval:def:12994	P	USN-751-1 -- linux, linux-source-2.6.22 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:8381	P	DSA-1749 linux-2.6 -- denial of service/privilege escalation/sensitive memory leak	2014-06-23
oval:org.mitre.oval:def:13503	P	DSA-1749-1 linux-2.6 -- denial of service/privilege escalation/sensitive memory leak	2014-06-23
oval:org.mitre.oval:def:21973	P	ELSA-2009:1243: Oracle Linux 5.x.4 kernel security and bug fix update (Important)	2014-05-26
oval:org.mitre.oval:def:8585	V	VMware kernel ext4_isize function vulnerability	2014-01-20
oval:org.mitre.oval:def:9200	V	The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.	2013-04-29
oval:com.redhat.rhsa:def:20091243	P	RHSA-2009:1243: Red Hat Enterprise Linux 5.4 kernel security and bug fix update (Important)	2009-09-02
oval:org.debian:def:1749	V	denial of service/privilege escalation/sensitive memory leak	2009-03-20