CVE-2009-3547

HIGH EXPLOITED

Linux Kernel < 2.6.31.14 - Race Condition

Title source: rule

Description

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

Exploits (5)

exploitdb WORKING POC VERIFIED

by Earl Chew · bashlocallinux

https://www.exploit-db.com/exploits/10018

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by teach & xipe · clocallinux

https://www.exploit-db.com/exploits/33322

View Code ZIP pw:eip

exploitdb WORKING POC

by spender · clocallinux

https://www.exploit-db.com/exploits/40812

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Matthew Bergin · pythonlocallinux

https://www.exploit-db.com/exploits/9844

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by teach & xipe · clocallinux

https://www.exploit-db.com/exploits/33321

View Code ZIP pw:eip

References (29)

[Broken Link] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html

[Broken Link, Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

[Mailing List, Third Party Advisory] http://lists.vmware.com/pipermail/security-announce/2010/000082.html

[Exploit, Mailing List] http://lkml.org/lkml/2009/10/14/184

[Mailing List, Patch] http://lkml.org/lkml/2009/10/21/42

[Mailing List, Third Party Advisory] http://marc.info/?l=oss-security&m=125724568017045&w=2

[Broken Link] http://secunia.com/advisories/37351

[Broken Link] http://secunia.com/advisories/38017

[Broken Link] http://secunia.com/advisories/38794

[Broken Link] http://secunia.com/advisories/38834

[Broken Link] http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6

[Broken Link] http://www.mandriva.com/security/advisories?name=MDVSA-2009:329

[Broken Link] http://www.redhat.com/support/errata/RHSA-2009-1672.html

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/512019/100/0/threaded

[Broken Link, Exploit, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/36901

[Third Party Advisory] http://www.ubuntu.com/usn/usn-864-1

[Broken Link] http://www.vupen.com/english/advisories/2010/0528

... and 9 more

Scores

CVSS v3 7.0

EPSS 0.0305

EPSS Percentile 86.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

VulnCheck KEV 2026-02-09

Classification

CWE

CWE-362 CWE-476 CWE-672

Status draft

Affected Products (32)

linux/linux_kernel < 2.6.31.14

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

novell/linux_desktop

opensuse/opensuse

opensuse/opensuse

suse/suse_linux_enterprise_desktop

suse/suse_linux_enterprise_server

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

... and 17 more

Timeline

Published Nov 04, 2009

Tracked Since Feb 18, 2026