Severity: 5.9 MEDIUM
EPSS: 0.1% (top 77.70%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 18 | Latest update May 2

Description

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.

CVSS vector

AV:L/AC:M/C:P/I:P/A:C

Exploitability: 3.4 | Impact: 8.5

Affected Packages: 10 packages

Also affects: Ubuntu Linux 6.06, 8.04, 8.10, 9.04, Fedora 11

Vulnerability Details (2)

GHSA (2022-05-02): GHSA-2589-6chq-5gj4: The execve function in the Linux kernel, possibly 2
CVEList (2009-08-18): CVE-2009-2848: The execve function in the Linux kernel, possibly 2

Vendor Advisories (2)

Ubuntu (2009-10-22): Linux kernel vulnerabilities
Red Hat (2009-07-31): kernel: execve: must clear current->clear_child_tid

Community (1)

Bugzilla (2009-08-04): CVE-2009-2848 kernel: execve: must clear current->clear_child_tid