
CVE-2009-2848
Date: (C)2009-08-18   (M)2024-02-22


The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 5.9
Exploit Score: 3.4
Impact Score: 8.5
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: COMPLETE
  
Reference:
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/archive/1/512019/100/0/threaded
SECUNIA-35983
SECUNIA-36501
SECUNIA-36562
SECUNIA-36759
SECUNIA-37105
SECUNIA-37351
SECUNIA-37471
ADV-2009-3316
FEDORA-2009-9044
RHSA-2009:1243
RHSA-2009:1438
RHSA-2009:1550
SUSE-SA:2009:054
SUSE-SA:2009:056
SUSE-SA:2010:012
USN-852-1
http://article.gmane.org/gmane.linux.kernel/871942
http://www.openwall.com/lists/oss-security/2009/08/04/2
http://www.openwall.com/lists/oss-security/2009/08/05/10
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
kernel-execve-dos(52899)
oval:org.mitre.oval:def:11412
oval:org.mitre.oval:def:8598
oval:org.mitre.oval:def:9766

CPE    19
cpe:/o:opensuse:opensuse:11.0
cpe:/o:canonical:ubuntu_linux:9.04
cpe:/o:redhat:enterprise_linux:5.0
cpe:/o:suse:linux_enterprise_server:9
...
CWE    1
CWE-269
OVAL    16
oval:org.secpod.oval:def:202178
oval:org.secpod.oval:def:500497
oval:org.mitre.oval:def:8168
oval:org.mitre.oval:def:7937
...

© SecPod Technologies