CVE-2009-3620

moderate-risk
Published 2009-10-22

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.

Do I need to act?

-
0.09% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (16)

Affected Vendors

Canonical Opensuse Fedoraproject Redhat Suse Linux

References (54)

Broken Link http://article.gmane.org/gmane.linux.kernel/892259
Broken Link http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=...
Mailing List http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
Broken Link http://lists.vmware.com/pipermail/security-announce/2010/000082.html
Broken Link http://secunia.com/advisories/36707
Broken Link http://secunia.com/advisories/37909
Broken Link http://secunia.com/advisories/38794
Broken Link http://secunia.com/advisories/38834
Broken Link http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log
Broken Link http://www.mandriva.com/security/advisories?name=MDVSA-2010:088
Broken Link http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
Mailing List http://www.openwall.com/lists/oss-security/2009/10/19/1
Mailing List http://www.openwall.com/lists/oss-security/2009/10/19/3
Broken Link http://www.redhat.com/support/errata/RHSA-2009-1670.html
Broken Link http://www.redhat.com/support/errata/RHSA-2009-1671.html
Broken Link http://www.redhat.com/support/errata/RHSA-2010-0882.html
Broken Link http://www.securityfocus.com/bid/36824
and 34 more references
42
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 0/34 · Minimal
Exposure 18/34 · Moderate