#VU92669 Permissions, privileges, and access controls in Linux kernel - CVE-2009-1337
Vulnerability identifier: #VU92669
Vulnerability risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to security restrictions bypass error within the exit_notify() function in kernel/exit.c. A local user can read and manipulate data.
Mitigation
Install update from vendor's repository.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=432870dab85a2f69dc417022646cb9a70acf7f94
https://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html
https://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
https://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
https://marc.info/?l=linux-kernel&m=123560588713763&w=2
https://patchwork.kernel.org/patch/16544/
https://rhn.redhat.com/errata/RHSA-2009-0473.html
https://secunia.com/advisories/34917
https://secunia.com/advisories/34981
https://secunia.com/advisories/35011
https://secunia.com/advisories/35015
https://secunia.com/advisories/35120
https://secunia.com/advisories/35121
https://secunia.com/advisories/35160
https://secunia.com/advisories/35185
https://secunia.com/advisories/35226
https://secunia.com/advisories/35324
https://secunia.com/advisories/35387
https://secunia.com/advisories/35390
https://secunia.com/advisories/35394
https://secunia.com/advisories/35656
https://secunia.com/advisories/37471
https://wiki.rpath.com/Advisories:rPSA-2009-0084
https://www.debian.org/security/2009/dsa-1787
https://www.debian.org/security/2009/dsa-1794
https://www.debian.org/security/2009/dsa-1800
https://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc1
https://www.mandriva.com/security/advisories?name=MDVSA-2009:119
https://www.mandriva.com/security/advisories?name=MDVSA-2009:135
https://www.openwall.com/lists/oss-security/2009/04/07/1
https://www.openwall.com/lists/oss-security/2009/04/17/3
https://www.redhat.com/support/errata/RHSA-2009-0451.html
https://www.redhat.com/support/errata/RHSA-2009-1024.html
https://www.redhat.com/support/errata/RHSA-2009-1077.html
https://www.securityfocus.com/archive/1/503610/100/0/threaded
https://www.securityfocus.com/archive/1/507985/100/0/threaded
https://www.securityfocus.com/archive/1/512019/100/0/threaded
https://www.securityfocus.com/bid/34405
https://www.securitytracker.com/id?1022141
https://www.ubuntu.com/usn/usn-793-1
https://www.vmware.com/security/advisories/VMSA-2009-0016.html
https://www.vupen.com/english/advisories/2009/3316
https://bugzilla.redhat.com/show_bug.cgi?id=493771
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10919
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11206
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8295
https://rhn.redhat.com/errata/RHSA-2009-1550.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01126.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
