5.9

CVE-2009-2848

Exploit
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.29.5
LinuxLinux Kernel Version2.6.30 Update-
LinuxLinux Kernel Version2.6.30 Updaterc1
LinuxLinux Kernel Version2.6.30 Updaterc2
LinuxLinux Kernel Version2.6.30 Updaterc3
LinuxLinux Kernel Version2.6.30 Updaterc4
LinuxLinux Kernel Version2.6.30 Updaterc5
LinuxLinux Kernel Version2.6.30 Updaterc6
NovellLinux Desktop Version9
OpensuseOpensuse Version11.0
SuseLinux Enterprise Desktop Version10 Updatesp2
SuseLinux Enterprise Server Version10 Updatesp2
FedoraprojectFedora Version11
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04
CanonicalUbuntu Linux Version8.10
CanonicalUbuntu Linux Version9.04
VMwareEsx Version4.0
VMwareVma Version4.0
   RedhatEnterprise Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.52% 0.397
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 3.4 8.5
AV:L/AC:M/Au:N/C:P/I:P/A:C
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

http://secunia.com/advisories/37471
Broken Link
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3316
Broken Link
http://www.securityfocus.com/archive/1/512019/100/0/threaded
Third Party Advisory
VDB Entry
https://rhn.redhat.com/errata/RHSA-2009-1550.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2009-1243.html
Third Party Advisory
http://secunia.com/advisories/36562
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/37351
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/36759
Broken Link
http://www.redhat.com/support/errata/RHSA-2009-1438.html
Broken Link
http://secunia.com/advisories/37105
Broken Link
http://www.ubuntu.com/usn/USN-852-1
Third Party Advisory
http://secunia.com/advisories/36501
Broken Link
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
Third Party Advisory
Mailing List
http://article.gmane.org/gmane.linux.kernel/871942
Broken Link
http://secunia.com/advisories/35983
Broken Link
http://www.openwall.com/lists/oss-security/2009/08/04/2
Third Party Advisory
Exploit
Mailing List
http://www.openwall.com/lists/oss-security/2009/08/05/10
Third Party Advisory
Exploit
Mailing List
https://exchange.xforce.ibmcloud.com/vulnerabilities/52899
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766
Third Party Advisory