7.2
CVE-2009-3725
- EPSS 0.05%
- Published 06.11.2009 15:30:00
- Last modified 09.04.2025 00:30:58
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 2.6.31.5
Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts
Canonical ≫ Ubuntu Linux Version8.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version8.10
Canonical ≫ Ubuntu Linux Version9.04
Canonical ≫ Ubuntu Linux Version9.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.108 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|