CVE-2009-2584

Linux kernel <2.6.30.2 - Memory Corruption

Title source: llm

Description

Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to overwrite arbitrary memory locations and gain privileges via a crafted count argument, which triggers a stack-based buffer overflow.

References (8)

[Exploit, Third Party Advisory] http://grsecurity.net/~spender/exploit_demo.c

[Exploit, Mailing List, Third Party Advisory] http://lkml.org/lkml/2009/7/20/348

[Mailing List, Third Party Advisory] http://lkml.org/lkml/2009/7/20/362

[Third Party Advisory] http://secunia.com/advisories/37105

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/35753

[Third Party Advisory] http://www.ubuntu.com/usn/USN-852-1

[Exploit, Third Party Advisory] http://xorl.wordpress.com/2009/07/21/linux-kernel-sgi-gru-driver-off-by-one-overwrite/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/51887

Scores

EPSS 0.0007

EPSS Percentile 20.7%

Classification

CWE

CWE-189

Status draft

Affected Products (1)

linux/linux_kernel < 2.6.30.2

Timeline

Published Jul 23, 2009

Tracked Since Feb 18, 2026