CVE-2009-2848

Published: 18/08/2009 Updated: 28/08/2020
CVSS v2 Base Score: 5.9 | Impact Score: 8.5 | Exploitability Score: 3.4
VMScore: 525
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:C

Vulnerability Summary

The execve function in the Linux kernel, possibly 2.6.30-rc6 and previous versions, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.

Vulnerable Product

linux linux kernel

linux linux kernel 2.6.30

novell linux desktop 9

opensuse opensuse 11.0

suse linux enterprise desktop 10

suse linux enterprise server 9

suse linux enterprise server 10

fedoraproject fedora 11

canonical ubuntu linux 6.06

canonical ubuntu linux 8.04

canonical ubuntu linux 8.10

canonical ubuntu linux 9.04

redhat enterprise linux desktop 3.0

redhat enterprise linux desktop 5.0

redhat enterprise linux server 3.0

redhat enterprise linux server 5.0

redhat enterprise linux workstation 3.0

redhat enterprise linux workstation 5.0

vmware esx 4.0

vmware vma 4.0

Vendor Advisories

Solar Designer discovered that the z90crypt driver did not correctly check capabilities. A local attacker could exploit this to shut down the device, leading to a denial of service. Only affected Ubuntu 6.06. (CVE-2009-1883) ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2846: Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Lo ...

References

CWE-269

http://article.gmane.org/gmane.linux.kernel/871942

http://www.openwall.com/lists/oss-security/2009/08/05/10

http://www.openwall.com/lists/oss-security/2009/08/04/2

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html

http://secunia.com/advisories/36501

http://secunia.com/advisories/35983

http://secunia.com/advisories/36759

http://www.redhat.com/support/errata/RHSA-2009-1438.html

https://rhn.redhat.com/errata/RHSA-2009-1550.html

http://secunia.com/advisories/37351

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

http://www.vupen.com/english/advisories/2009/3316

http://secunia.com/advisories/37471

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

http://secunia.com/advisories/37105

http://www.ubuntu.com/usn/USN-852-1

http://secunia.com/advisories/36562

http://rhn.redhat.com/errata/RHSA-2009-1243.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/52899

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412

http://www.securityfocus.com/archive/1/512019/100/0/threaded

http://www.securityfocus.com/archive/1/507985/100/0/threaded

https://nvd.nist.gov

https://usn.ubuntu.com/852-1/