PT-2009-6665 · Debian+1 · Linux+1

Eugene Teo

·

Published

1970-01-01

·

Updated

2018-10-10

·

CVE-2009-0675

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions linux-image-2.6.26-1-parisc-smp version 2.6.26-1 linux-image-2.6.26-1-486 version 2.6.26-1 linux-image-2.6.26-1-alpha-smp version 2.6.26-1 linux-image-2.6.26-1-iop32x version 2.6.26-1 linux-headers-2.6.26-1-common-vserver version 2.6.26-1 linux-headers-2.6.26-1-486 version 2.6.26-1 linux-headers-2.6.26-1-all version 2.6.26-1 linux-headers-2.6.26-1-s390x version 2.6.26-1 linux-headers-2.6.26-1-sparc64-smp version 2.6.26-1 linux-image-2.6.26-1-vserver-powerpc version 2.6.26-1 linux-headers-2.6.26-1-alpha-smp version 2.6.26-1 linux-headers-2.6.26-1-sparc64 version 2.6.26-1 linux-headers-2.6.26-1-r5k-cobalt version 2.6.26-1 linux-image-2.6.26-1-xen-amd64 version 2.6.26-1 linux-image-2.6.26-1-r5k-ip32 version 2.6.26-1 linux-image-2.6.26-1-5kc-malta version 2.6.26-1 linux-headers-2.6.26-1-parisc64-smp version 2.6.26-1 linux-image-2.6.26-1-vserver-686 version 2.6.26-1 linux-image-2.6.26-1-vserver-powerpc64 version 2.6.26-1 linux-image-2.6.26-1-vserver-itanium version 2.6.26-1 linux-image-2.6.26-1-alpha-generic version 2.6.26-1 linux-headers-2.6.26-1-powerpc version 2.6.26-1 linux-image-2.6.26-1-r4k-ip22 version 2.6.26-1 linux-headers-2.6.26-1-alpha-generic version 2.6.26-1 linux-image-2.6.26-1-vserver-mckinley version 2.6.26-1 linux-image-2.6.26-1-vserver-amd64 version 2.6.26-1 linux-headers-2.6.26-1-r5k-ip32 version 2.6.26-1 linux-image-2.6.26-1-powerpc version 2.6.26-1 linux-headers-2.6.26-1-vserver-itanium version 2.6.26-1 linux-headers-2.6.26-1-itanium version 2.6.26-1 linux-image-2.6.26-1-sb1-bcm91250a version 2.6.26-1 linux-image-2.6.26-1-mckinley version 2.6.26-1 linux-headers-2.6.26-1-vserver-mckinley version 2.6.26-1 linux-image-2.6.26-1-vserver-686-bigmem version 2.6.26-1 linux-headers-2.6.26-1-all-ia64 version 2.6.26-1 linux-headers-2.6.26-1-all-i386 version 2.6.26-1 linux-headers-2.6.26-1-all-powerpc version 2.6.26-1 linux-image-2.6.26-1-sparc64-smp version 2.6.26-1 linux-image-2.6.26-1-versatile version 2.6.26-1 linux-image-2.6.26-1-vserver-sparc64 version 2.6.26-1 linux-headers-2.6.26-1-vserver-686-bigmem version 2.6.26-1 linux-headers-2.6.26-1-all-hppa version 2.6.26-1 linux-image-2.6.26-1-parisc64-smp version 2.6.26-1 linux-headers-2.6.26-1-all-arm version 2.6.26-1 linux-headers-2.6.26-1-686-bigmem version 2.6.26-1 linux-image-2.6.26-1-amd64 version 2.6.26-1 linux-image-2.6.26-1-s390-tape version 2.6.26-1 linux-headers-2.6.26-1-vserver-amd64 version 2.6.26-1 linux-headers-2.6.26-1-all-mipsel version 2.6.26-1 linux-headers-2.6.26-1-xen-amd64 version 2.6.26-1 linux-headers-2.6.26-1-4kc-malta version 2.6.26-1 linux-headers-2.6.26-1-amd64 version 2.6.26-1 linux-headers-2.6.26-1-footbridge version 2.6.26-1 linux-headers-2.6.26-1-vserver-s390x version 2.6.26-1 linux-headers-2.6.26-1-parisc-smp version 2.6.26-1 linux-headers-2.6.26-1-iop32x version 2.6.26-1 linux-image-2.6.26-1-686 version 2.6.26-1 linux-support-2.6.26-1 version 2.6.26-1 linux-headers-2.6.26-1-xen-686 version 2.6.26-1 linux-image-2.6.26-1-powerpc-smp version 2.6.26-1 linux-headers-2.6.26-1-all-amd64 version 2.6.26-1 linux-modules-2.6.26-1-xen-amd64 version 2.6.26-1 linux-headers-2.6.26-1-parisc version 2.6.26-1 linux-image-2.6.26-1-sb1a-bcm91480b version 2.6.26-1 linux-image-2.6.26-1-r5k-cobalt version 2.6.26-1 linux-headers-2.6.26-1-common-openvz version 2.6.26-1 linux-headers-2.6.26-1-vserver-sparc64 version 2.6.26-1 linux-headers-2.6.26-1-openvz-amd64 version 2.6.26-1 linux-image-2.6.26-1-alpha-legacy version 2.6.26-1 linux-image-2.6.26-1-openvz-686 version 2.6.26-1 linux-headers-2.6.26-1-vserver-powerpc version 2.6.26-1 linux-headers-2.6.26-1-s390 version 2.6.26-1 linux-image-2.6.26-1-vserver-s390x version 2.6.26-1 linux-image-2.6.26-1-xen-686 version 2.6.26-1 linux-headers-2.6.26-1-versatile version 2.6.26-1 linux-headers-2.6.26-1-vserver-powerpc64 version 2.6.26-1 linux-headers-2.6.26-1-common version 2.6.26-1 linux-image-2.6.26-1-footbridge version 2.6.26-1 linux-image-2.6.26-1-parisc64 version 2.6.26-1 linux-headers-2.6.26-1-alpha-legacy version 2.6.26-1 linux-image-2.6.26-1-686-bigmem version 2.6.26-1 linux-headers-2.6.26-1-all-alpha version 2.6.26-1 linux-headers-2.6.26-1-all-armel version 2.6.26-1 linux-headers-2.6.26-1-r4k-ip22 version 2.6.26-1 linux-headers-2.6.26-1-sb1a-bcm91480b version 2.6.26-1 linux-headers-2.6.26-1-common-xen version 2.6.26-1 linux-image-2.6.26-1-s390x version 2.6.26-1 linux-headers-2.6.26-1-mckinley version 2.6.26-1 linux-image-2.6.26-1-parisc version 2.6.26-1 linux-headers-2.6.26-1-orion5x version 2.6.26-1 linux-headers-2.6.26-1-openvz-686 version 2.6.26-1 linux-headers-2.6.26-1-vserver-686 version 2.6.26-1 linux-image-2.6.26-1-sparc64 version 2.6.26-1 linux-headers-2.6.26-1-powerpc64 version 2.6.26-1 linux-image-2.6.26-1-itanium version 2.6.26-1 linux-image-2.6.26-1-orion5x version 2.6.26-1 linux-headers-2.6.26-1-ixp4xx version 2.6.26-1 linux-headers-2.6.26-1-all-sparc version 2.6.26-1 linux-image-2.6.26-1-openvz-amd64 version 2.6.26-1 linux-image-2.6.26-1-ixp4xx version 2.6.26-1 linux-headers-2.6.26-1-all-s390 version 2.6.26-1 linux-headers-2.6.26-1-parisc64 version 2.6.26-1 linux-headers-2.6.26-1-powerpc-smp version 2.6.26-1 linux-headers-2.6.26-1-5kc-malta version 2.6.26-1 linux-image-2.6.26-1-powerpc64 version 2.6.26-1 linux-modules-2.6.26-1-xen-686 version 2.6.26-1 linux-headers-2.6.26-1-686 version 2.6.26-1 linux-headers-2.6.26-1-sb1-bcm91250a version 2.6.26-1 linux-image-2.6.26-1-4kc-malta version 2.6.26-1 linux-image-2.6.26-1-s390 version 2.6.26-1 linux-headers-2.6.26-1-all-mips version 2.6.26-1
Description The issue affects multiple packages of the Debian GNU/Linux operating system, including various linux-image and linux-headers packages. Exploitation of these vulnerabilities can lead to a breach of confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely. According to the information from Mitre, the skfp ioctl function in the Linux kernel has an "inverted logic" issue, which allows local users to reset driver statistics when the CAP NET ADMIN capability is absent.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-20

Related Identifiers

BDU:2015-01809
BDU:2015-01810
BDU:2015-01811
BDU:2015-01812
BDU:2015-01813
BDU:2015-01814
BDU:2015-01815
BDU:2015-01816
BDU:2015-01817
BDU:2015-01818
BDU:2015-01819
BDU:2015-01820
BDU:2015-01821
BDU:2015-01822
BDU:2015-01823
BDU:2015-01824
BDU:2015-01825
BDU:2015-01826
BDU:2015-01827
BDU:2015-01828
BDU:2015-01829
BDU:2015-01830
BDU:2015-01831
BDU:2015-01832
BDU:2015-01833
BDU:2015-01834
BDU:2015-01835
BDU:2015-01836
BDU:2015-01837
BDU:2015-01838
BDU:2015-01839
BDU:2015-01840
BDU:2015-01841
BDU:2015-01842
BDU:2015-01843
BDU:2015-01844
BDU:2015-01845
BDU:2015-01846
BDU:2015-01847
BDU:2015-01848
BDU:2015-01849
BDU:2015-01850
BDU:2015-01851
BDU:2015-01852
BDU:2015-01853
BDU:2015-01854
BDU:2015-01855
BDU:2015-01856
BDU:2015-01857
BDU:2015-01858
BDU:2015-01859
BDU:2015-01860
BDU:2015-01861
BDU:2015-01862
BDU:2015-01863
BDU:2015-01864
BDU:2015-01865
BDU:2015-01866
BDU:2015-01867
BDU:2015-01868
BDU:2015-01869
BDU:2015-01870
BDU:2015-01871
BDU:2015-01872
BDU:2015-01873
BDU:2015-01874
BDU:2015-01875
BDU:2015-01876
BDU:2015-01877
BDU:2015-01878
BDU:2015-01879
BDU:2015-01880
BDU:2015-01881
BDU:2015-01882
BDU:2015-01883
BDU:2015-01884
BDU:2015-01885
BDU:2015-01886
BDU:2015-01887
BDU:2015-01888
BDU:2015-01889
BDU:2015-01890
BDU:2015-01891
BDU:2015-01892
BDU:2015-01893
BDU:2015-01894
BDU:2015-01895
BDU:2015-01896
BDU:2015-01897
BDU:2015-01898
BDU:2015-01899
BDU:2015-01900
BDU:2015-01901
BDU:2015-01902
BDU:2015-01903
BDU:2015-01904
BDU:2015-01905
BDU:2015-01906
BDU:2015-01907
BDU:2015-01908
BDU:2015-01909
BDU:2015-01910
BDU:2015-01911
BDU:2015-01912
BDU:2015-01913
BDU:2015-01914
BDU:2015-01915
BDU:2015-01916
BDU:2015-01917
BDU:2015-01918
BDU:2015-01919
CVE-2009-0675
DSA-1749-1
DSA-1787-1
DSA-1794-1
RHSA-2009:0326
RHSA-2009:0360
RHSA-2009_0326

Affected Products

Linux
Red Hat