Vulnerability Details : CVE-2009-3725

The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.

Published 2009-11-06 15:30:01

Updated 2018-11-16 15:46:38

Source Red Hat, Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2009-3725

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2009-3725

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	[email protected]
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2009-3725

CWE-264

Assigned by: [email protected] (Primary)

Vendor statements for CVE-2009-3725

Red Hat 2009-11-09

Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG, as they do not include the upstream change introducing this flaw.

References for CVE-2009-3725

http://www.ubuntu.com/usn/usn-864-1

Third Party Advisory

CVEs referencing this url
http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/

Exploit;Third Party Advisory
http://patchwork.kernel.org/patch/51382/

Patch;Vendor Advisory
http://patchwork.kernel.org/patch/51383/

Patch;Vendor Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5

Vendor Advisory
http://patchwork.kernel.org/patch/51384/

Patch;Vendor Advisory
http://marc.info/?l=oss-security&m=125715484511380&w=2

Mailing List;Third Party Advisory
http://patchwork.kernel.org/patch/51387/

Patch;Vendor Advisory
http://www.securityfocus.com/bid/36834

Patch;Third Party Advisory
http://marc.info/?l=oss-security&m=125716192622235&w=2

Mailing List;Third Party Advisory
http://marc.info/?l=linux-kernel&m=125449888416314&w=2

Mailing List;Third Party Advisory

Products affected by CVE-2009-3725

Linux » Linux Kernel
Versions before (<) 2.6.31.5
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 6.06 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 8.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 8.10
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 9.04
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 9.10
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Matching versions