{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88316?format=json","vulnerability_id":"VCID-bscn-juhe-43an","summary":"kernel: nfsv4: kernel panic in nfs4_proc_lock()","aliases":[{"alias":"CVE-2009-3726"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/127862?format=json","purl":"pkg:rpm/redhat/kernel@2.6.9-89.0.26?arch=EL","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bscn-juhe-43an"},{"vulnerability":"VCID-kpvr-e31x-bfgs"},{"vulnerability":"VCID-y5sk-ewrm-mudq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.9-89.0.26%3Farch=EL"},{"url":"http://public2.vulnerablecode.io/api/packages/128206?format=json","purl":"pkg:rpm/redhat/kernel@2.6.18-164.9.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9bng-92hg-yygp"},{"vulnerability":"VCID-bbc2-2xf7-3kfs"},{"vulnerability":"VCID-bscn-juhe-43an"},{"vulnerability":"VCID-khu8-cdvk-xyhd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-164.9.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/128237?format=json","purl":"pkg:rpm/redhat/kernel-rt@2.6.24.7-139?arch=el5rt","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7xqe-cvcu-cqeu"},{"vulnerability":"VCID-bscn-juhe-43an"},{"vulnerability":"VCID-k6jn-xb74-kyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel-rt@2.6.24.7-139%3Farch=el5rt"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3726.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3726.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3726","reference_id":"","reference_type":"","scores":[{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90462","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90467","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90478","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90496","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90502","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90509","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90503","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90521","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90519","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90531","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.9053","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05792","scoring_system":"epss","scoring_elements":"0.90527","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3726"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=529227","reference_id":"529227","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=529227"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10202.c","reference_id":"CVE-2009-3726;OSVDB-59877","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10202.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1635","reference_id":"RHSA-2009:1635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1670","reference_id":"RHSA-2009:1670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0474","reference_id":"RHSA-2010:0474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0474"},{"reference_url":"https://usn.ubuntu.com/864-1/","reference_id":"USN-864-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/864-1/"}],"weaknesses":[{"cwe_id":662,"name":"Improper Synchronization","description":"The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes."},{"cwe_id":362,"name":"Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","description":"The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently."},{"cwe_id":672,"name":"Operation on a Resource after Expiration or Release","description":"The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked."},{"cwe_id":476,"name":"NULL Pointer Dereference","description":"A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit."}],"exploits":[{"date_added":"2009-10-14","description":"Linux Kernel < 2.6.31-rc4 - 'nfs4_proc_lock()' Denial of Service","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2009-10-15","exploit_type":"dos","platform":"linux","source_date_updated":null,"data_source":"Exploit-DB","source_url":""}],"severity_range_score":null,"exploitability":"2.0","weighted_severity":"0.1","risk_score":0.2,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bscn-juhe-43an"}