Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-2767

CWE-119 — Buffer Overflow CWE-476 — NULL Pointer Dereference7 documents7 sources

Severity

7.2HIGH

EPSS

0.1%

top 68.42%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Linux Linux Kernel Linux Kernel

Timeline

PublishedAug 14

Latest updateMay 2

Description

The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDlinux/linux_kernel2.6.16.31+72

▶NVDlinux/kernel2.6.24.7, 2.6.25.15+1

Patches

Patch: lkml.org ↗Patch: lkml.org ↗Patch: lkml.org ↗

🔴Vulnerability Details

GHSA

GHSA-j7ff-hmc8-4xc8: The init_posix_timers function in kernel/posix-timers↗2022-05-02

▶

CVEList

CVE-2009-2767: The init_posix_timers function in kernel/posix-timers↗2009-08-14

▶

💥Exploits & PoCs

Exploit-DB

Linux Kernel 2.6.x - 'posix-timers.c' Null Pointer Dereference Denial of Service↗2009-08-06

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2009-10-22

▶

Red Hat

kernel: clock_nanosleep() with CLOCK_MONOTONIC_RAW NULL pointer dereference↗2009-08-03

▶

💬Community

Bugzilla

CVE-2009-2767 kernel: clock_nanosleep() with CLOCK_MONOTONIC_RAW NULL pointer dereference↗2009-08-06

▶