QwikSec

Security Database

CVE

CWE

Training

CVE-2009-2695

Published: Aug 28, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capability for these mmap operations, and (4) interaction between the mmap_min_addr protection mechanism and certain application programs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc7

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=84336d1a77ccd2c06a730ddd38e695c2324a7386

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d9959734a1949ea4f2427bd2d8b21ede6b2441c

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=517830

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ab5a91a8364c3d6fc617abc47cc81d162c01d90a

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

third-party-advisory

x_refsource_SECUNIA

[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates

mailing-list

x_refsource_MLIST

http://patchwork.kernel.org/patch/36540/

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=47d439e9fb8a81a90022cfa785bf1c36c4e2aff6

x_refsource_CONFIRM

http://patchwork.kernel.org/patch/36539/

x_refsource_CONFIRM

http://kbase.redhat.com/faq/docs/DOC-18042

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=788084aba2ab7348257597496befcbccabdc98a3

x_refsource_CONFIRM

http://eparis.livejournal.com/606.html

x_refsource_CONFIRM

http://twitter.com/spendergrsec/statuses/3303390960

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=511143

x_refsource_CONFIRM

FEDORA-2009-9044

vendor-advisory

x_refsource_FEDORA

http://patchwork.kernel.org/patch/36649/

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

http://thread.gmane.org/gmane.linux.kernel.lsm/9075

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=a2551df7ec568d87793d2eea4ca744e86318f205

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://danwalsh.livejournal.com/30084.html

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=7c73875e7dda627040b12c19b01db634fa7f0fd1

x_refsource_CONFIRM

oval:org.mitre.oval:def:9882

vdb-entry

signature

x_refsource_OVAL

http://patchwork.kernel.org/patch/36650/

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9c0d90103c7e0eb6e638e5b649e9f6d8d9c1b4b3

x_refsource_CONFIRM

[oss-security] 20090817 SELinux and mmap_min_addr behaviour (CVE-2009-2695)

mailing-list

x_refsource_MLIST

oval:org.mitre.oval:def:7144

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8cf948e744e0218af604c32edecde10006dc8e9e

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.