{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87920?format=json","vulnerability_id":"VCID-fcjb-4n2a-auh4","summary":"kernel: emergency route cache flushing leads to node deadlock","aliases":[{"alias":"CVE-2009-4272"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128036?format=json","purl":"pkg:rpm/redhat/kernel@2.6.18-164.11.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6maj-yfz2-p7h3"},{"vulnerability":"VCID-7xqe-cvcu-cqeu"},{"vulnerability":"VCID-bzck-use4-7ygm"},{"vulnerability":"VCID-c7vw-3qbq-wubw"},{"vulnerability":"VCID-d3sv-sfxz-jyg8"},{"vulnerability":"VCID-djq9-mejy-b7ah"},{"vulnerability":"VCID-fcjb-4n2a-auh4"},{"vulnerability":"VCID-h61x-6rtm-w7b3"},{"vulnerability":"VCID-k6jn-xb74-kyex"},{"vulnerability":"VCID-mwme-pa6q-q7d4"},{"vulnerability":"VCID-zha6-q3tu-p7cs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-164.11.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/127990?format=json","purl":"pkg:rpm/redhat/rhev-hypervisor@5.4-2.1.8?arch=el5_4rhev2_1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1zut-zzp8-zuav"},{"vulnerability":"VCID-6pr3-u8uq-7fh4"},{"vulnerability":"VCID-be19-1hme-s7aq"},{"vulnerability":"VCID-fcjb-4n2a-auh4"},{"vulnerability":"VCID-r8cf-83fy-4yhh"},{"vulnerability":"VCID-raqh-x8at-ekhf"},{"vulnerability":"VCID-tgbr-6n9k-8be2"},{"vulnerability":"VCID-z5bw-m9x1-pbht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhev-hypervisor@5.4-2.1.8%3Farch=el5_4rhev2_1"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4272.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4272.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4272","reference_id":"","reference_type":"","scores":[{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82764","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.8278","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82794","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82815","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82821","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82838","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82833","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82829","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82868","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82867","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.8287","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82892","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.829","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0181","scoring_system":"epss","scoring_elements":"0.82905","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4272"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=545411","reference_id":"545411","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=545411"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0046","reference_id":"RHSA-2010:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0095","reference_id":"RHSA-2010:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0095"}],"weaknesses":[{"cwe_id":662,"name":"Improper Synchronization","description":"The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes."},{"cwe_id":362,"name":"Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","description":"The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently."},{"cwe_id":672,"name":"Operation on a Resource after Expiration or Release","description":"The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked."},{"cwe_id":476,"name":"NULL Pointer Dereference","description":"A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fcjb-4n2a-auh4"}