Medium severity5.5NVD Advisory· Published Oct 22, 2009· Updated Apr 23, 2026

CVE-2009-3621

Description

net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.

Affected products

VMware/Vma
cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*
Canonical (company)/Ubuntu Linux5 versions
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Fedoraproject/Fedora
cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <=2.6.31.4
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Desktop2 versions
cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Server2 versions
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:*
VMware/Esx
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

patchwork.kernel.org/patch/54678/nvdExploitMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2009/10/19/2nvdExploitMailing ListPatchThird Party Advisory
www.openwall.com/lists/oss-security/2009/10/19/4nvdExploitMailing ListPatchThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.htmlnvdMailing ListThird Party Advisory
lists.vmware.com/pipermail/security-announce/2010/000082.htmlnvdMailing ListThird Party Advisory
lkml.org/lkml/2009/10/19/50nvdMailing ListThird Party Advisory
www.ubuntu.com/usn/usn-864-1nvdThird Party Advisory
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6895nvdThird Party Advisory
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9921nvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2009-1540.htmlnvdThird Party Advisory
www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.htmlnvdMailing ListThird Party Advisory
secunia.com/advisories/37086nvdBroken Link
secunia.com/advisories/37909nvdBroken Link
secunia.com/advisories/38017nvdBroken Link
secunia.com/advisories/38794nvdBroken Link
secunia.com/advisories/38834nvdBroken Link
www.mandriva.com/security/advisoriesnvdBroken Link
www.redhat.com/support/errata/RHSA-2009-1670.htmlnvdBroken Link
www.redhat.com/support/errata/RHSA-2009-1671.htmlnvdBroken Link
www.vupen.com/english/advisories/2010/0528nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000