← volver
CVE-2009-2692

CVE-2009-2692

EPSS 14.7%
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
Productos afectados
n/a · n/a
PoCs públicas encontradas11
githubgithub.com/jdvalentini/CVE-2009-26920cve_referencewww.exploit-db.com/exploits/9477no verificadoexploitdbwww.exploit-db.com/exploits/9477no verificadoexploitdbwww.exploit-db.com/exploits/9479no verificadoexploitdbwww.exploit-db.com/exploits/9435no verificadoexploitdbwww.exploit-db.com/exploits/9436no verificadoexploitdbwww.exploit-db.com/exploits/19933no verificadoexploitdbwww.exploit-db.com/exploits/9545no verificadoexploitdbwww.exploit-db.com/exploits/9598no verificadocve_referencewww.exploit-db.com/exploits/19933no verificadoexploitdbwww.exploit-db.com/exploits/9641no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.htmlhttp://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.htmlhttp://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git%3Ba=commit%3Bh=c18d0fe535a73b219f960d1af3d0c264555a12e3http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e694958388c50148389b0e9b9e9e8945cf0f1b98http://grsecurity.net/~spender/wunderbar_emporium.tgzhttp://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.htmlhttp://rhn.redhat.com/errata/RHSA-2009-1222.htmlhttp://rhn.redhat.com/errata/RHSA-2009-1223.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=516949http://secunia.com/advisories/36278http://secunia.com/advisories/36289http://secunia.com/advisories/36327