Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:12385
HistorySep 23, 2009 - 12:00 a.m.

Linux Kernel O_EXCL NFSv4本地权限提升漏洞

2009-09-2300:00:00
Root
www.seebug.org
16

0.0004 Low

EPSS

Percentile

8.6%

JSON

BUGTRAQ ID: 36472
CVE ID: CVE-2009-3286

Linux Kernel是开放源码操作系统Linux所使用的内核。

当O_EXCL创建文件失败时,Linux Kernel的NFSv4没有正确地清除inode。这导致以不安全的设置(如setuid位)创建文件,本地用户可以通过执行do_open_permission函数获得权限提升。

Linux kernel 2.6.x
厂商补丁:

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://git.kernel.org/linus/af85852d
http://git.kernel.org/linus/81ac95c5
http://git.kernel.org/linus/79fb54ab

Related

prion 1
ubuntucve 1
cve 1
veracode 1
openvas 22
redhat 2
nessus 17
centos 1
oraclelinux 2
suse 2
osv 3
debian 3
securityvulns 1
ubuntu 1
vmware 4
prion
prion
Design/Logic Flaw
2009-09-22 10:30:00
ubuntucve
ubuntucve
CVE-2009-3286
2009-09-22 00:00:00
cve
cve
CVE-2009-3286
2009-09-22 10:30:00
veracode
veracode
Privilege Escalation
2020-04-10 00:39:05
openvas
openvas
CentOS Update for kernel CESA-2009:1548 centos5 i386
2011-08-09 00:00:00
CentOS Update for kernel CESA-2009:1548 centos5 i386
2011-08-09 00:00:00
Oracle: Security Advisory (ELSA-2009-1548)
2015-10-08 00:00:00
redhat
redhat
(RHSA-2009:1548) Important: kernel security and bug fix update
2009-11-03 00:00:00
(RHSA-2009:1692) Important: rhev-hypervisor security and bug fix update
2009-12-23 00:00:00
nessus
nessus
OracleVM 2.2 : kernel (OVMSA-2009-0033)
2014-11-26 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
2013-03-06 00:00:00
openSUSE Security Update : kernel (kernel-1593)
2009-12-01 00:00:00
centos
centos
kernel security update
2009-11-04 19:57:14
oraclelinux
oraclelinux
kernel security and bug fix update
2009-11-03 00:00:00
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2010-04-05 00:00:00
suse
suse
remote denial of service in kernel
2009-12-02 17:15:31
local privilege escalation, remote denial of in kernel
2010-02-15 16:54:24
osv
osv
linux-2.6 - several vulnerabilities
2009-10-22 00:00:00
linux-2.6 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
debian
debian
[SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-11-06 00:51:43
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 15:58:04
[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-11-05 22:03:48
securityvulns
securityvulns
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00

0.0004 Low

EPSS

Percentile

8.6%

JSON
Related for SSV:12385
prion1ubuntucve1cve1veracode1openvas22redhat2nessus17centos1oraclelinux2suse2osv3debian3securityvulns1ubuntu1vmware4