CVE-2009-1388

Impact:
Moderate
Public Date:
2009-07-02
Bugzilla:
504263: CVE-2009-1388 kernel: do_coredump() vs ptrace_start() deadlock

The MITRE CVE dictionary describes this issue as:

The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread.

Find out more about CVE-2009-1388 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG.

It was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2009-1193.html

CVSS v2 metrics

Base Score 2.1
Base Metrics AV:L/AC:L/Au:N/C:N/I:N/A:P
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform                                                 Errata           Release Date
Red Hat Enterprise Linux 5 (kernel)                      RHSA-2009:1193   2009-08-04
Red Hat Enterprise Linux EUS (v. 5.3 server) (kernel)    RHSA-2009:1193   2009-08-04

Mitigation

Last Modified

CVE description copyright © 2017, The MITRE Corporation
