PT-2008-6951 · Linux+2 · Linux Kernel+3

Frank Filz

·

Published

1970-01-01

·

Updated

2020-08-21

·

CVE-2009-1630

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions openSUSE kernel-ppc64-extra (affected versions not specified) openSUSE kernel-pmac64 (affected versions not specified) openSUSE kernel-s390x (affected versions not specified) openSUSE kernel-s390x-debug (affected versions not specified) openSUSE kernel-64k-pagesize (affected versions not specified) openSUSE kernel-iseries64 (affected versions not specified) openSUSE kernel-iseries64-debuginfo (affected versions not specified) openSUSE kernel-ppc64 (affected versions not specified) openSUSE kernel-ppc64-base (affected versions not specified) openSUSE kernel-ppc64-debuginfo (affected versions not specified) openSUSE kernel-ppc64-debugsource (affected versions not specified) SUSE Linux Enterprise kernel-default-base (affected versions not specified) SUSE Linux Enterprise kernel-pae (affected versions not specified) SUSE Linux Enterprise kernel-pae-base (affected versions not specified) SUSE Linux Enterprise kernel-pae-extra (affected versions not specified) SUSE Linux Enterprise kernel-xen-base (affected versions not specified) SUSE Linux Enterprise kernel-xen-extra (affected versions not specified) SUSE Linux Enterprise kernel-ec2 (affected versions not specified) SUSE Linux Enterprise kernel-ec2-base (affected versions not specified) Linux kernel 2.6.29.3 and earlier
Description The issue involves multiple vulnerabilities in various kernel packages of openSUSE and SUSE Linux Enterprise operating systems. These vulnerabilities can be exploited remotely, potentially leading to a disruption of protected information. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the lack of checking for execute permission bits in the nfs permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-399CWE-264CWE-189

Related Identifiers

BDU:2015-04245
BDU:2015-04246
BDU:2015-04247
BDU:2015-04248
BDU:2015-04249
BDU:2015-04250
BDU:2015-04251
BDU:2015-04252
BDU:2015-04253
BDU:2015-04254
BDU:2015-04255
BDU:2015-04256
BDU:2015-04257
BDU:2015-04258
BDU:2015-04259
BDU:2015-04260
BDU:2015-04261
BDU:2015-04262
BDU:2015-04263
BDU:2015-04264
BDU:2015-04265
BDU:2015-04266
BDU:2015-05141
BDU:2015-05142
BDU:2015-05143
BDU:2015-05144
BDU:2015-05145
BDU:2015-05146
BDU:2015-05147
BDU:2015-05148
BDU:2015-05149
BDU:2015-05150
BDU:2015-05151
BDU:2015-05152
BDU:2015-05153
BDU:2015-05154
BDU:2015-05155
BDU:2015-05156
BDU:2015-05157
BDU:2015-05158
BDU:2015-05159
BDU:2015-05160
BDU:2015-05161
BDU:2015-05162
BDU:2015-05163
BDU:2015-05164
BDU:2015-05165
BDU:2015-05166
BDU:2015-05167
BDU:2015-05168
BDU:2015-05169
BDU:2015-05170
BDU:2015-05171
BDU:2015-05172
BDU:2015-05173
BDU:2015-05219
BDU:2015-05220
BDU:2015-05221
BDU:2015-05222
BDU:2015-05223
BDU:2015-05224
BDU:2015-05225
BDU:2015-05226
BDU:2015-05227
BDU:2015-05228
BDU:2015-05229
BDU:2015-05230
BDU:2015-05231
BDU:2015-05232
BDU:2015-05233
BDU:2015-05234
BDU:2015-05235
BDU:2015-05236
BDU:2015-05237
BDU:2015-05238
BDU:2015-05239
BDU:2015-05240
BDU:2015-05241
BDU:2015-05242
BDU:2015-05243
BDU:2015-05244
BDU:2015-05245
BDU:2015-05246
BDU:2015-05247
CVE-2009-1630
DSA-1809-1
DSA-1844-1
DSA-1865-1
RHSA-2009:1106
RHSA-2009:1132
RHSA-2009:1157
RHSA-2009_1106
RHSA-2009_1132

Affected Products

Linux Kernel
Red Hat
Suse Linux Enterprise
Opensuse