← back
CVE-2009-2691

CVE-2009-2691

EPSS 0.4%
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=00f89d218523b9bf6b522349c039d5ac80aa536dhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13f0feafa6b8aead57a2a328e2fca6a5828bf286http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=704b836cbf19e885f8366bccb2e4b0474346c02dhttp://lkml.org/lkml/2009/6/23/652http://lkml.org/lkml/2009/6/23/653http://marc.info/?l=linux-kernel&m=124718946021193http://marc.info/?l=linux-kernel&m=124718949821250https://bugzilla.redhat.com/show_bug.cgi?id=516171http://secunia.com/advisories/36265http://secunia.com/advisories/36501https://exchange.xforce.ibmcloud.com/vulnerabilities/52401https://rhn.redhat.com/errata/RHSA-2009-1540.html