7.8

CVE-2009-2692

Exploit
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.4.4 < 2.4.37.5
LinuxLinux Kernel Version >= 2.6.0 < 2.6.30.5
DebianDebian Linux Version4.0
RedhatEnterprise Linux Eus Version4.8
RedhatEnterprise Linux Eus Version5.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.75% 0.962
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

http://secunia.com/advisories/37471
Vendor Advisory
Broken Link
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3316
Vendor Advisory
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
Mailing List
http://www.securityfocus.com/archive/1/512019/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://secunia.com/advisories/36327
Vendor Advisory
Broken Link
http://www.debian.org/security/2009/dsa-1865
Third Party Advisory
Mailing List
http://secunia.com/advisories/37298
Vendor Advisory
Broken Link
http://support.avaya.com/css/P8/documents/100067254
Third Party Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html
Exploit
Broken Link
http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html
Exploit
Issue Tracking
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git%3Ba=commit%3Bh=c18d0fe535a73b219f960d1af3d0c264555a12e3
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e694958388c50148389b0e9b9e9e8945cf0f1b98
Broken Link
http://grsecurity.net/~spender/wunderbar_emporium.tgz
Broken Link
http://rhn.redhat.com/errata/RHSA-2009-1222.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2009-1223.html
Third Party Advisory
http://secunia.com/advisories/36278
Vendor Advisory
Broken Link
http://secunia.com/advisories/36289
Vendor Advisory
Broken Link
http://secunia.com/advisories/36430
Vendor Advisory
Broken Link
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0121
Broken Link
http://www.exploit-db.com/exploits/19933
Third Party Advisory
Exploit
VDB Entry
http://www.exploit-db.com/exploits/9477
Third Party Advisory
VDB Entry
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.5
Vendor Advisory
Broken Link
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5
Vendor Advisory
Broken Link
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc6
Vendor Advisory
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:233
Broken Link
http://www.openwall.com/lists/oss-security/2009/08/14/1
Patch
Mailing List
http://www.redhat.com/support/errata/RHSA-2009-1233.html
Broken Link
http://www.securityfocus.com/archive/1/505751/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/archive/1/505912/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/36038
Third Party Advisory
Exploit
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2009/2272
Patch
Vendor Advisory
Broken Link
http://zenthought.org/content/file/android-root-2009-08-16-source
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=516949
Patch
Issue Tracking
https://issues.rpath.com/browse/RPL-3103
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11526
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11591
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8657
Broken Link