kernel: privilege escalation [LWN.net]

Package(s):

kernel

CVE #(s):

CVE-2009-2692

Created:

August 18, 2009

Updated:

October 5, 2009

Description:

From the Mandriva advisory: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation on a PF_PPPOX socket.

Alerts:

Red Hat	RHSA-2009:1469-01	2009-09-30
Red Hat	RHSA-2009:1457-01	2009-09-22
SuSE	SUSE-SR:2009:015	2009-09-15
Mandriva	MDVSA-2009:233	2009-09-14
Red Hat	RHSA-2009:1239-02	2009-09-01
Red Hat	RHSA-2009:1239-01	2009-09-01
CentOS	CESA-2009:1233	2009-08-29
Red Hat	RHSA-2009:1233-01	2009-08-27
Fedora	FEDORA-2009-9044	2009-08-27
Slackware	SSA:2009-231-01	2009-08-20
CentOS	CESA-2009:1222	2009-08-24
CentOS	CESA-2009:1223	2009-08-24
Red Hat	RHSA-2009:1222-02	2009-08-24
Red Hat	RHSA-2009:1223-02	2009-08-24
SuSE	SUSE-SA:2009:045	2009-08-20
Ubuntu	USN-819-1	2009-08-19
Slackware	SSA:2009-230-01	2009-08-19
rPath	rPSA-2009-0121-1	2009-08-18
Fedora	FEDORA-2009-8649	2009-08-15
Fedora	FEDORA-2009-8647	2009-08-15
Debian	DSA-1865-1	2009-08-16
Debian	DSA-1864-1	2009-08-16
Debian	DSA-1862-1	2009-08-14
Mandriva	MDVSA-2009:205	2009-09-17
Fedora	FEDORA-2009-10165	2009-10-03

(Log in to post comments)