6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the
Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks
gcc option is omitted, allows local users to gain privileges via vectors
involving a NULL pointer dereference and an mmap of /dev/net/tun, a
different vulnerability than CVE-2009-1894.