CVE-2009-2848
published 2009-08-18CVE-2009-2848: The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local…
medium5.9CVSS 3.1
AVLACMAuNCPIPAC
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| fedoraproject | fedora | — | — |
| linux | linux_kernel | <= 2.6.29.5 | — |
| linux | linux_kernel | — | — |
| novell | linux_desktop | — | — |
| opensuse | opensuse | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_server | — | — |
| suse | linux_enterprise_server | — | — |
| vmware | esx | — | — |
| vmware | esxi | — | — |
| vmware | vma | — | — |
| vmware | vmware_tools | — | — |
| vmware | vmware_vcenter_server | — | — |
| vmware | vmware_vsphere | — | — |
| vmware | vmware_workstation | — | — |