Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-2847

7 documents7 sources
Severity
4.9MEDIUM
EPSS
0.2%
top 60.10%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Linux Linux KernelLinux Kernel
Timeline
PublishedAug 18
Latest updateMay 2

Description

The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.

CVSS vector

AV:L/AC:L/C:C/I:N/A:NExploitability: 3.9 | Impact: 6.9

Affected Packages2 packages

NVDlinux/linux_kernel2.6.16.31+72
NVDlinux/kernel2.6.24.7, 2.6.25.15+1

Patches

Patch: www.openwall.comPatch: www.openwall.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-c85v-8h9f-3jwr: The do_sigaltstack function in kernel/signal2022-05-02
CVEList
CVE-2009-2847: The do_sigaltstack function in kernel/signal2009-08-18

💥Exploits & PoCs

1
Exploit-DB
Linux Kernel 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure2009-08-04

📋Vendor Advisories

2
Ubuntu
Linux kernel vulnerabilities2009-10-22
Red Hat
kernel: information leak in sigaltstack2009-07-31

💬Community

1
Bugzilla
CVE-2009-2847 kernel: information leak in sigaltstack2009-08-04
CVE-2009-2847 (MEDIUM CVSS 4.9) | The do_sigaltstack function in kern | cvebase.io