CVE-2009-1072
published 2009-03-25CVE-2009-1072: nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create…
medium4.9CVSS 3.1
AVLACLAuNCNICAN
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| linux | linux_kernel | < 2.6.28.9 | 2.6.28.9 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_server | — | — |
| vmware | esx | — | — |
| vmware | esx | — | — |
| vmware | esx | — | — |
| vmware | esxi | — | — |
| vmware | server | — | — |
| vmware | vcenter_server | — | — |
| vmware | virtualcenter | — | — |
| vmware | virtualcenter | — | — |
| vmware | vma | — | — |
| vmware | vmware_tools | — | — |
| vmware | vmware_vcenter_server | — | — |
| vmware | vmware_vsphere | — | — |
| vmware | vmware_workstation | — | — |