CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:C/A:N
EPSS
Percentile
99.7%
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD
capability before handling a user request in a thread, which allows local
users to create device nodes, as demonstrated on a filesystem that has been
exported with the root_squash option.