Lucene search
Ubuntu.comUB:CVE-2009-3286HistorySep 22, 2009 - 12:00 a.m.
CVE-2009-3286
2009-09-2200:00:00
ubuntu.com
ubuntu.com
10
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.3%
NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not
properly clean up an inode when an O_EXCL create fails, which causes files
to be created with insecure settings such as setuid bits, and possibly
allows local users to gain privileges, related to the execution of the
do_open_permission function even when a create fails.
Bugs
Related
prion
prion
Design/Logic Flaw
2009-09-22 10:30:00
cve
cve
CVE-2009-3286
2009-09-22 10:30:00
seebug
seebug
Linux Kernel O_EXCL NFSv4本地权限提升漏洞
2009-09-23 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:39:05
redhat
redhat
(RHSA-2009:1548) Important: kernel security and bug fix update
2009-11-03 00:00:00
(RHSA-2009:1692) Important: rhev-hypervisor security and bug fix update
2009-12-23 00:00:00
nessus
nessus
OracleVM 2.2 : kernel (OVMSA-2009-0033)
2014-11-26 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
2013-03-06 00:00:00
openSUSE Security Update : kernel (kernel-1593)
2009-12-01 00:00:00
centos
centos
kernel security update
2009-11-04 19:57:14
openvas
openvas
Oracle: Security Advisory (ELSA-2009-1548)
2015-10-08 00:00:00
CentOS Update for kernel CESA-2009:1548 centos5 i386
2011-08-09 00:00:00
CentOS Update for kernel CESA-2009:1548 centos5 i386
2011-08-09 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-11-03 00:00:00
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2010-04-05 00:00:00
suse
suse
remote denial of service in kernel
2009-12-02 17:15:31
local privilege escalation, remote denial of in kernel
2010-02-15 16:54:24
osv
osv
linux-2.6 - several vulnerabilities
2009-10-22 00:00:00
linux-2.6 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
debian
debian
securityvulns
securityvulns
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
9.3%
Related for UB:CVE-2009-3286