- Home
- CVEs with nessus.description==Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems :
- CVE-2009-1895
Julien Tinnes and Tavis Ormandy reported an issue in the
Linux personality code. Local users can take advantage
of a setuid binary that can either be made to
dereference a NULL pointer or drop privileges and return
control to the user. This allows a user to bypass
mmap_min_addr restrictions which can be exploited to
execute arbitrary code.
- CVE-2009-2287
Matt T. Yourst discovered an issue in the kvm subsystem.
Local users with permission to manipulate /dev/kvm can
cause a denial of service (hang) by providing an invalid
cr3 value to the KVM_SET_SREGS call.
- CVE-2009-2406 CVE-2009-2407
Ramon de Carvalho Valle discovered two issues with the
eCryptfs layered filesystem using the fsfuzzer utility.
A local user with permissions to perform an eCryptfs
mount may modify the contents of a eCryptfs file,
overflowing the stack and potentially gaining elevated
privileges
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top