Lucene search

K
f5F5F5:K16349
HistoryApr 01, 2015 - 12:00 a.m.

K16349 : Linux kernel vulnerability CVE-2009-0676

2015-04-0100:00:00
my.f5.com
4

6.4 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

Security Advisory Description

Description

The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)

Impact

None

Status

To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:

Product Versions known to be vulnerable Versions known to be not vulnerable Severity Vulnerable component or feature
BIG-IP LTM None
11.0.0 - 11.6.0
10.0.0 - 10.2.4
Not vulnerable None
BIG-IP AAM None 11.4.0 - 11.6.0
Not vulnerable None
BIG-IP AFM None 11.3.0 - 11.6.0
Not vulnerable None
BIG-IP Analytics None 11.0.0 - 11.6.0
Not vulnerable None
BIG-IP APM None 11.0.0 - 11.6.0
10.1.0 - 10.2.4
Not vulnerable None
BIG-IP ASM None 11.0.0 - 11.6.0
10.0.0 - 10.2.4
Not vulnerable None
BIG-IP Edge Gateway
None 11.0.0 - 11.3.0
10.1.0 - 10.2.4
Not vulnerable None
BIG-IP GTM None 11.0.0 - 11.6.0
10.0.0 - 10.2.4
Not vulnerable None
BIG-IP Link Controller None
11.0.0 - 11.6.0
10.0.0 - 10.2.4
Not vulnerable None
BIG-IP PEM None
11.3.0 - 11.6.0
Not vulnerable None
BIG-IP PSM None 11.0.0 - 11.4.1
10.0.0 - 10.2.4
Not vulnerable None
BIG-IP WebAccelerator None 11.0.0 - 11.3.0
10.0.0 - 10.2.4
Not vulnerable None
BIG-IP WOM None 11.0.0 - 11.3.0
10.0.0 - 10.2.4
Not vulnerable None
ARX None 6.0.0 - 6.4.0
Not vulnerable None
Enterprise Manager None 3.0.0 - 3.1.1
2.1.0 - 2.3.0
Not vulnerable None
FirePass None 7.0.0
6.0.0 - 6.1.0
Not vulnerable None
BIG-IQ Cloud None
4.0.0 - 4.5.0
Not vulnerable None
BIG-IQ Device None
4.2.0 - 4.5.0
Not vulnerable None
BIG-IQ Security None
4.0.0 - 4.5.0
Not vulnerable None
BIG-IQ ADC None
4.5.0
Not vulnerable None
LineRate None
2.2.0 - 2.5.0
1.6.0 - 1.6.4
Not vulnerable None
F5 WebSafe None
1.0.0
Not vulnerable None
Traffix SDC None
3.3.2 - 3.5.1
4.0.0 - 4.1.0
Not vulnerable None

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.

Recommended Action

None

Supplemental Information

6.4 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%