#VU92846 Security restrictions bypass in Linux kernel - CVE-2009-0028
Vulnerability identifier: #VU92846
Vulnerability risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform service disruption.
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.
Mitigation
Install update from vendor's repository.
Vulnerable software versions
Linux kernel: All versions
External links
https://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html
https://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
https://osvdb.org/52204
https://rhn.redhat.com/errata/RHSA-2009-0459.html
https://scary.beasts.org/security/CESA-2009-002.html
https://scarybeastsecurity.blogspot.com/2009/02/linux-kernel-minor-signal-vulnerability.html
https://secunia.com/advisories/33758
https://secunia.com/advisories/34033
https://secunia.com/advisories/34680
https://secunia.com/advisories/34917
https://secunia.com/advisories/34962
https://secunia.com/advisories/34981
https://secunia.com/advisories/35011
https://secunia.com/advisories/35120
https://secunia.com/advisories/35121
https://secunia.com/advisories/35390
https://secunia.com/advisories/35394
https://secunia.com/advisories/37471
https://wiki.rpath.com/Advisories:rPSA-2009-0084
https://www.debian.org/security/2009/dsa-1787
https://www.debian.org/security/2009/dsa-1794
https://www.debian.org/security/2009/dsa-1800
https://www.mandriva.com/security/advisories?name=MDVSA-2009:118
https://www.redhat.com/support/errata/RHSA-2009-0326.html
https://www.redhat.com/support/errata/RHSA-2009-0451.html
https://www.securityfocus.com/archive/1/503610/100/0/threaded
https://www.securityfocus.com/archive/1/507985/100/0/threaded
https://www.securityfocus.com/bid/33906
https://www.ubuntu.com/usn/usn-751-1
https://www.vmware.com/security/advisories/VMSA-2009-0016.html
https://www.vupen.com/english/advisories/2009/3316
https://bugzilla.redhat.com/show_bug.cgi?id=479932
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11187
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7947
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
