VYPR
Medium severity4.7NVD Advisory· Published Jun 8, 2009· Updated Jun 16, 2026

CVE-2009-1961

CVE-2009-1961

Description

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • Linux/Kernel4 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.19
    • cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*
    • (no CPE)range: >=2.6.19, <2.6.30-rc3
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.