CVE-2009-3939

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.31.6 and earlier openSUSE kernel-ps3-debuginfo (affected versions not specified) openSUSE kernel-ps3-debugsource (affected versions not specified)

Description The issue affects the Linux kernel and openSUSE operating system, allowing for potential disruption of confidentiality, integrity, and availability of protected information. Exploitation can be done remotely. Specifically, the poll mode io file for the megaraid sas driver has world-writable permissions, enabling local users to modify the I/O mode of the driver by changing this file.

Recommendations For Linux kernel versions 2.6.31.6 and earlier, consider restricting access to the poll mode io file to prevent local users from modifying it. For openSUSE kernel-ps3-debuginfo and kernel-ps3-debugsource, at the moment, there is no information about a newer version that contains a fix for this vulnerability.