Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 283826 (CVE-2009-3043)

Summary: Kernel: tty_ldisc_hangup() DoS, Privilege Escalation (CVE-2009-3043)
Product: Gentoo Security Reporter: Alex Legler (RETIRED) <a3li>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: hardened-kernel+disabled, kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5c58ceff103d8a654f24769bb1baaf84a841b0cc
Whiteboard: [linux <2.6.31]
Package list:
Runtime testing required: ---

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-06 09:50:10 UTC 
CVE-2009-3043 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3043):
  The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the
  Linux kernel before 2.6.31-rc8 allows local users to cause a denial
  of service (system crash, sometimes preceded by a NULL pointer
  dereference) or possibly gain privileges via certain pseudo-terminal
  I/O activity, as demonstrated by KernelTtyTest.c.