Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-3725

The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.

Published

2009-11-06T15:30:00.547

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 2.6.31.5	Yes
Operating System	canonical	ubuntu_linux	6.06	Yes
Operating System	canonical	ubuntu_linux	8.04	Yes
Operating System	canonical	ubuntu_linux	8.10	Yes
Operating System	canonical	ubuntu_linux	9.04	Yes
Operating System	canonical	ubuntu_linux	9.10	Yes

References

http://marc.info/?l=linux-kernel&m=125449888416314&w=2 Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=oss-security&m=125715484511380&w=2 Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=oss-security&m=125716192622235&w=2 Mailing List, Third Party Advisory ([email protected])
http://patchwork.kernel.org/patch/51382/ Patch, Vendor Advisory ([email protected])
http://patchwork.kernel.org/patch/51383/ Patch, Vendor Advisory ([email protected])
http://patchwork.kernel.org/patch/51384/ Patch, Vendor Advisory ([email protected])
http://patchwork.kernel.org/patch/51387/ Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/37113 Third Party Advisory ([email protected])
http://secunia.com/advisories/38905 Third Party Advisory ([email protected])
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/36834 Patch, Third Party Advisory ([email protected])
http://www.ubuntu.com/usn/usn-864-1 Third Party Advisory ([email protected])
http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/ Exploit, Third Party Advisory ([email protected])
http://marc.info/?l=linux-kernel&m=125449888416314&w=2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=oss-security&m=125715484511380&w=2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=oss-security&m=125716192622235&w=2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://patchwork.kernel.org/patch/51382/ Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://patchwork.kernel.org/patch/51383/ Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://patchwork.kernel.org/patch/51384/ Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://patchwork.kernel.org/patch/51387/ Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37113 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/38905 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/36834 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-864-1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/ Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)