← voltar
CVE-2009-2692

CVE-2009-2692

EPSS 14.7%
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
Produtos afetados
n/a · n/a
PoCs públicas encontradas11
githubgithub.com/jdvalentini/CVE-2009-26920cve_referencewww.exploit-db.com/exploits/9477não verificadoexploitdbwww.exploit-db.com/exploits/9477não verificadoexploitdbwww.exploit-db.com/exploits/9479não verificadoexploitdbwww.exploit-db.com/exploits/9435não verificadoexploitdbwww.exploit-db.com/exploits/9436não verificadoexploitdbwww.exploit-db.com/exploits/19933não verificadoexploitdbwww.exploit-db.com/exploits/9545não verificadoexploitdbwww.exploit-db.com/exploits/9598não verificadocve_referencewww.exploit-db.com/exploits/19933não verificadoexploitdbwww.exploit-db.com/exploits/9641não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.htmlhttp://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.htmlhttp://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git%3Ba=commit%3Bh=c18d0fe535a73b219f960d1af3d0c264555a12e3http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e694958388c50148389b0e9b9e9e8945cf0f1b98http://grsecurity.net/~spender/wunderbar_emporium.tgzhttp://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.htmlhttp://rhn.redhat.com/errata/RHSA-2009-1222.htmlhttp://rhn.redhat.com/errata/RHSA-2009-1223.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=516949http://secunia.com/advisories/36278http://secunia.com/advisories/36289http://secunia.com/advisories/36327