CVE-2009-2848

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.

References

http://article.gmane.org/gmane.linux.kernel/871942

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

http://rhn.redhat.com/errata/RHSA-2009-1243.html

http://secunia.com/advisories/35983

http://secunia.com/advisories/36501

http://secunia.com/advisories/36562

http://secunia.com/advisories/36759

http://secunia.com/advisories/37105

http://secunia.com/advisories/37351

http://secunia.com/advisories/37471

http://www.openwall.com/lists/oss-security/2009/08/04/2

http://www.openwall.com/lists/oss-security/2009/08/05/10

http://www.redhat.com/support/errata/RHSA-2009-1438.html

http://www.securityfocus.com/archive/1/507985/100/0/threaded

http://www.securityfocus.com/archive/1/512019/100/0/threaded

http://www.ubuntu.com/usn/USN-852-1

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

http://www.vupen.com/english/advisories/2009/3316

https://exchange.xforce.ibmcloud.com/vulnerabilities/52899

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766

https://rhn.redhat.com/errata/RHSA-2009-1550.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html

Details

Source: MITRE

Published: 2009-08-18

Updated: 2020-08-28

Type: CWE-269

Risk Information

CVSS v2

Base Score: 5.9

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:C

Impact Score: 8.5

Exploitability Score: 3.4

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 2.6.29.5 (inclusive)

cpe:2.3:o:linux:linux_kernel:2.6.30:-:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.30:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:a:vmware:vma:4.0:*:*:*:*:*:*:*

OR

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
89117VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)NessusMisc.
critical
79507OracleVM 2.2 : kernel (OVMSA-2013-0039)NessusOracleVM Local Security Checks
high
67955Oracle Linux 3 : kernel (ELSA-2009-1550)NessusOracle Linux Local Security Checks
high
67925Oracle Linux 4 : kernel (ELSA-2009-1438)NessusOracle Linux Local Security Checks
high
67070CentOS 3 : kernel (CESA-2009:1550)NessusCentOS Local Security Checks
high
63898RHEL 5 : kernel (RHSA-2009:1466)NessusRed Hat Local Security Checks
medium
60688Scientific Linux Security Update : kernel on SL3.x i386/x86_64NessusScientific Linux Local Security Checks
high
59140SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6636)NessusSuSE Local Security Checks
high
47150VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernelNessusVMware ESX Local Security Checks
high
44793Debian DSA-1928-1 : linux-2.6.24 - privilege escalation/denial of service/sensitive memory leakNessusDebian Local Security Checks
high
44737Debian DSA-1872-1 : linux-2.6 - denial of service/privilege escalation/information leakNessusDebian Local Security Checks
high
44621openSUSE Security Update : kernel (kernel-1908)NessusSuSE Local Security Checks
critical
43790CentOS 4 : kernel (CESA-2009:1438)NessusCentOS Local Security Checks
high
43779CentOS 5 : kernel (CESA-2009:1243)NessusCentOS Local Security Checks
medium
42870VMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.NessusVMware ESX Local Security Checks
medium
42812SuSE9 Security Update : Linux kernel (YOU Patch Number 12541)NessusSuSE Local Security Checks
high
42465SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6632)NessusSuSE Local Security Checks
high
42360RHEL 3 : kernel (RHSA-2009:1550)NessusRed Hat Local Security Checks
high
42209Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-852-1)NessusUbuntu Local Security Checks
high
40998RHEL 4 : kernel (RHSA-2009:1438)NessusRed Hat Local Security Checks
high
40835RHEL 5 : kernel (RHSA-2009:1243)NessusRed Hat Local Security Checks
medium
40780Fedora 11 : kernel-2.6.29.6-217.2.16.fc11 (2009-9044)NessusFedora Local Security Checks
high
801476CentOS RHSA-2009-1438 Security CheckLog Correlation EngineGeneric
high