VYPR
Medium severity5.5NVD Advisory· Published Mar 18, 2009· Updated Jun 16, 2026

CVE-2009-0935

CVE-2009-0935

Description

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Linux/Kernel3 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=2.6.27,<=2.6.27.13
    • cpe:2.3:o:linux:linux_kernel:2.6.29:rc3:*:*:*:*:*:*
    • (no CPE)range: 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.