CVE-2009-2584

Severity

72%

Complexity

39%

Confidentiality

165%

Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to overwrite arbitrary memory locations and gain privileges via a crafted count argument, which triggers a stack-based buffer overflow.

Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to overwrite arbitrary memory locations and gain privileges via a crafted count argument, which triggers a stack-based buffer overflow.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 15 years ago

2009-07-23 20:30:00

Last updated 6 years ago

2018-11-16 15:35:00

Affected Software

Linux Kernel

References

http://grsecurity.net/~spender/exploit_demo.c

Exploit, Third Party Advisory

[linux-kernel] 20090721 [PATCH] sgi-gru: Fix kernel stack buffer overrun

Exploit, Mailing List, Third Party Advisory

[linux-kernel] 20090720 Re: [PATCH] sgi-gru: Fix kernel stack buffer overrun

Mailing List, Third Party Advisory

37105

Third Party Advisory

35753

Third Party Advisory, VDB Entry

USN-852-1

Third Party Advisory

http://xorl.wordpress.com/2009/07/21/linux-kernel-sgi-gru-driver-off-by-one-overwrite/

Exploit, Third Party Advisory

kernel-sgigru-bo(51887)

Third Party Advisory, VDB Entry

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.