Unrated severityNVD Advisory· Published Oct 13, 2009· Updated Jun 16, 2026

CVE-2009-2908

Description

The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:2.6.31:*:*:*:*:*:*:*
Linux/eCryptfsllm-create
Range: =2.6.31
Linux/Linux kernelllm-fuzzy
Range: =2.6.31

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/36639nvdPatch
git.kernel.orgnvd
lists.vmware.com/pipermail/security-announce/2010/000082.htmlnvd
secunia.com/advisories/37075nvd
secunia.com/advisories/37105nvd
secunia.com/advisories/38794nvd
secunia.com/advisories/38834nvd
www.openwall.com/lists/oss-security/2009/10/06/1nvd
www.ubuntu.com/usn/USN-852-1nvd
www.vupen.com/english/advisories/2010/0528nvd
bugs.launchpad.net/ecryptfs/+bug/387073nvd
bugzilla.redhat.com/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/53693nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10216nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6992nvd
rhn.redhat.com/errata/RHSA-2009-1548.htmlnvd
www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000