Computer Security

CVE-2009-2692
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2009-2692
StatusUNKNOWN
DescriptionThe Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
SeverityHigh
CVSS score7,2
CVSS vector(AV:L/AC:L/Au:N/C:C/I:C/A:C)
PhaseASSIGNED (21.08.2010)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2692
ReferencesBID : 36038
 BUGTRAQ : 20090813 Linux NULL pointer dereference due to incorrect proto_ops initializations
 BUGTRAQ : 20090818 rPSA-2009-0121-1 kernel open-vm-tools
 BUGTRAQ : 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
 BUGTRAQ : 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel
 CONFIRM : http://git.kernel.org/?p=linux/kernel/git/stable/l...
 CONFIRM : http://git.kernel.org/?p=linux/kernel/git/torvalds...
 CONFIRM : http://support.avaya.com/css/P8/documents/100067254
 CONFIRM : http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0121
 CONFIRM : http://www.kernel.org/pub/linux/kernel/v2.4/Change...
 CONFIRM : http://www.kernel.org/pub/linux/kernel/v2.6/Change...
 CONFIRM : http://www.kernel.org/pub/linux/kernel/v2.6/testin...
 CONFIRM : http://www.vmware.com/security/advisories/VMSA-200...
 CONFIRM : https://bugzilla.redhat.com/show_bug.cgi?id=516949
 CONFIRM : https://issues.rpath.com/browse/RPL-3103
 DEBIAN : DSA-1865
 FULLDISC : 20090813 Linux NULL pointer dereference due to incorrect proto_ops initializations
 MISC : http://blog.cr0.org/2009/08/linux-null-pointer-der...
 MISC : http://grsecurity.net/~spender/wunderbar_emporium.tgz
 MISC : http://zenthought.org/content/file/android-root-20...
 MLIST : [oss-security] 20090814 CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc
 OVAL : oval:org.mitre.oval:def:11526
 OVAL : oval:org.mitre.oval:def:11591
 OVAL : oval:org.mitre.oval:def:8657
 REDHAT : RHSA-2009:1222
 REDHAT : RHSA-2009:1223
 REDHAT : RHSA-2009:1233
 SECUNIA : 36278
 SECUNIA : 36289
 SECUNIA : 36327
 SECUNIA : 36430
 SECUNIA : 37298
 SECUNIA : 37471
 SUSE : SUSE-SR:2009:015
 VUPEN : ADV-2009-2272
 VUPEN : ADV-2009-3316
SecurityVulns:Linux kernel uninitialized pointers
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server