Security restrictions bypass in Linux kernel - CVE-2009-3725
Published: November 6, 2009 / Updated: November 16, 2018
Vulnerability identifier: #VU92836
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2009-3725
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to execute arbitrary code.
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.
How to mitigate CVE-2009-3725
Install update from vendor's repository.
Sources
- http://marc.info/?l=linux-kernel&m=125449888416314&w=2
- http://marc.info/?l=oss-security&m=125715484511380&w=2
- http://marc.info/?l=oss-security&m=125716192622235&w=2
- http://patchwork.kernel.org/patch/51382/
- http://patchwork.kernel.org/patch/51383/
- http://patchwork.kernel.org/patch/51384/
- http://patchwork.kernel.org/patch/51387/
- http://secunia.com/advisories/37113
- http://secunia.com/advisories/38905
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5
- http://www.securityfocus.com/bid/36834
- http://www.ubuntu.com/usn/usn-864-1
- http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/