Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2009-4021 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2009-4021

CVE-2009-4021

UNKNOWN

The fuse_direct_io function in fs/fuse/file

Published Nov 25, 2009

Modified 1 years ago

Details

The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.

References

WEBhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f60311d5f7670d9539b424e4ed8b5c0872fc9e83 ADVISORYhttp://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html ADVISORYhttp://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html ADVISORYhttp://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html ADVISORYhttp://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html ADVISORYhttp://secunia.com/advisories/37909 ADVISORYhttp://secunia.com/advisories/38017 WEBhttp://support.avaya.com/css/P8/documents/100073666 ADVISORYhttp://www.debian.org/security/2010/dsa-2005 WEBhttp://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc7 WEBhttp://www.openwall.com/lists/oss-security/2009/11/19/1 WEBhttp://www.openwall.com/lists/oss-security/2009/11/24/5 ADVISORYhttp://www.redhat.com/support/errata/RHSA-2010-0041.html WEBhttp://www.securityfocus.com/bid/37069 WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=538734 WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/54358 WEBhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10516 WEBhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6955 ADVISORYhttps://rhn.redhat.com/errata/RHSA-2010-0046.html ADVISORYhttps://rhn.redhat.com/errata/RHSA-2010-0095.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2009-4021

CVSS Analysis

CVSS v2.0

4.9

Exploitability

Access Vector

LocalAV:L

Access Complexity

LowAC:L

Authentication

NoneAu:N

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

CompleteA:C

4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C

Ecosystems

Timeline

PublishedNov 25, 2009

ModifiedAug 7, 2024