CVE-2009-3080

Linux Kernel < 2.6.31.6 - Improper Array Index Validation

Title source: rule

Description

Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

References (27)

... and 7 more

Scores

EPSS 0.0007
EPSS Percentile 21.3%

Classification

CWE
CWE-129
Status draft

Affected Products (25)

linux/linux_kernel < 2.6.31.6
linux/linux_kernel
linux/linux_kernel
linux/linux_kernel
linux/linux_kernel
linux/linux_kernel
opensuse/opensuse
opensuse/opensuse
suse/linux_enterprise_desktop
suse/linux_enterprise_desktop
suse/linux_enterprise_server
suse/linux_enterprise_server
debian/debian_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
... and 10 more

Timeline

Published Nov 20, 2009
Tracked Since Feb 18, 2026