CVE-2009-3725
Debian Linux Security Advisory 2012-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.
La capa de conector en el kernel Linux versiones anteriores a v2.6.31.5 no requiere de la capacidad CAP_SYS_ADMIN para ciertas interacciones de los subsistemas (1) uvesafb, (2) pohmelfs, (3) dst, o (4) dm, permitiendo a usuarios locales saltar las restricciones de acceso implementadas y obtener privilegios mediante peticiones a las funciones en esos subsistemas.
Kernel packages have been updated. It was discovered that the AX.25 network subsystem did not correctly check integer signedness in certain setsockopt calls. Jan Beulich discovered that the kernel could leak register contents to 32-bit processes that were switched to 64-bit mode. Dave Jones discovered that the gdth SCSI driver did not correctly validate array indexes in certain ioctl calls. Eric Dumazet and Jiri Pirko discovered that the TC and CLS subsystems would leak kernel memory via uninitialized structure members. Earl Chew discovered race conditions in pipe handling. There are about a dozen other issues also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-10-16 CVE Reserved
- 2009-11-06 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (13)
URL | Tag | Source |
---|---|---|
http://marc.info/?l=linux-kernel&m=125449888416314&w=2 | Mailing List | |
http://marc.info/?l=oss-security&m=125715484511380&w=2 | Mailing List | |
http://marc.info/?l=oss-security&m=125716192622235&w=2 | Mailing List | |
http://secunia.com/advisories/37113 | Third Party Advisory | |
http://secunia.com/advisories/38905 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks | 2024-08-07 |
URL | Date | SRC |
---|---|---|
http://patchwork.kernel.org/patch/51382 | 2018-11-16 | |
http://patchwork.kernel.org/patch/51383 | 2018-11-16 | |
http://patchwork.kernel.org/patch/51384 | 2018-11-16 | |
http://patchwork.kernel.org/patch/51387 | 2018-11-16 | |
http://www.securityfocus.com/bid/36834 | 2018-11-16 |
URL | Date | SRC |
---|---|---|
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5 | 2018-11-16 | |
http://www.ubuntu.com/usn/usn-864-1 | 2018-11-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 2.6.31.5 Search vendor "Linux" for product "Linux Kernel" and version " < 2.6.31.5" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 6.06 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 8.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "8.04" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 8.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "8.10" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 9.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "9.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 9.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "9.10" | - |
Affected
|