CVE-2009-2695

N/A Unknown
Published: August 28, 2009 Modified: April 23, 2026
View on NVD

Description

The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capability for these mmap operations, and (4) interaction between the mmap_min_addr protection mechanism and certain application programs.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://danwalsh.livejournal.com/30084.html
Source: cve@mitre.org
Exploit
http://eparis.livejournal.com/606.html
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=47d439e9fb8a81a90022cfa785bf1c36c4e2aff6
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=7c73875e7dda627040b12c19b01db634fa7f0fd1
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=84336d1a77ccd2c06a730ddd38e695c2324a7386
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=a2551df7ec568d87793d2eea4ca744e86318f205
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d9959734a1949ea4f2427bd2d8b21ede6b2441c
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=788084aba2ab7348257597496befcbccabdc98a3
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8cf948e744e0218af604c32edecde10006dc8e9e
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9c0d90103c7e0eb6e638e5b649e9f6d8d9c1b4b3
Source: cve@mitre.org
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ab5a91a8364c3d6fc617abc47cc81d162c01d90a
Source: cve@mitre.org
http://kbase.redhat.com/faq/docs/DOC-18042
Source: cve@mitre.org
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
Source: cve@mitre.org
http://patchwork.kernel.org/patch/36539/
Source: cve@mitre.org
http://patchwork.kernel.org/patch/36540/
Source: cve@mitre.org
http://patchwork.kernel.org/patch/36649/
Source: cve@mitre.org
Patch
http://patchwork.kernel.org/patch/36650/
Source: cve@mitre.org
http://secunia.com/advisories/36501
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/37105
Source: cve@mitre.org
http://secunia.com/advisories/38794
Source: cve@mitre.org
http://secunia.com/advisories/38834
Source: cve@mitre.org
http://thread.gmane.org/gmane.linux.kernel.lsm/9075
Source: cve@mitre.org
http://twitter.com/spendergrsec/statuses/3303390960
Source: cve@mitre.org
http://www.debian.org/security/2010/dsa-2005
Source: cve@mitre.org
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc7
Source: cve@mitre.org
http://www.openwall.com/lists/oss-security/2009/08/17/4
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2009-1672.html
Source: cve@mitre.org
http://www.securityfocus.com/bid/36051
Source: cve@mitre.org
Patch
http://www.ubuntu.com/usn/USN-852-1
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2010/0528
Source: cve@mitre.org
https://bugzilla.redhat.com/show_bug.cgi?id=511143
Source: cve@mitre.org
https://bugzilla.redhat.com/show_bug.cgi?id=517830
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7144
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9882
Source: cve@mitre.org
https://rhn.redhat.com/errata/RHSA-2009-1540.html
Source: cve@mitre.org
https://rhn.redhat.com/errata/RHSA-2009-1548.html
Source: cve@mitre.org
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
Source: cve@mitre.org
http://danwalsh.livejournal.com/30084.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://eparis.livejournal.com/606.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=47d439e9fb8a81a90022cfa785bf1c36c4e2aff6
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=7c73875e7dda627040b12c19b01db634fa7f0fd1
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=84336d1a77ccd2c06a730ddd38e695c2324a7386
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/jmorris/security-testing-2.6.git%3Ba=commit%3Bh=a2551df7ec568d87793d2eea4ca744e86318f205
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d9959734a1949ea4f2427bd2d8b21ede6b2441c
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=788084aba2ab7348257597496befcbccabdc98a3
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8cf948e744e0218af604c32edecde10006dc8e9e
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9c0d90103c7e0eb6e638e5b649e9f6d8d9c1b4b3
Source: af854a3a-2127-422b-91ae-364da2661108
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ab5a91a8364c3d6fc617abc47cc81d162c01d90a
Source: af854a3a-2127-422b-91ae-364da2661108
http://kbase.redhat.com/faq/docs/DOC-18042
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://patchwork.kernel.org/patch/36539/
Source: af854a3a-2127-422b-91ae-364da2661108
http://patchwork.kernel.org/patch/36540/
Source: af854a3a-2127-422b-91ae-364da2661108
http://patchwork.kernel.org/patch/36649/
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://patchwork.kernel.org/patch/36650/
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/36501
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/37105
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/38794
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/38834
Source: af854a3a-2127-422b-91ae-364da2661108
http://thread.gmane.org/gmane.linux.kernel.lsm/9075
Source: af854a3a-2127-422b-91ae-364da2661108
http://twitter.com/spendergrsec/statuses/3303390960
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2010/dsa-2005
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc7
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openwall.com/lists/oss-security/2009/08/17/4
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-1672.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/36051
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.ubuntu.com/usn/USN-852-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2010/0528
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=511143
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=517830
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7144
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9882
Source: af854a3a-2127-422b-91ae-364da2661108
https://rhn.redhat.com/errata/RHSA-2009-1540.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://rhn.redhat.com/errata/RHSA-2009-1548.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
Source: af854a3a-2127-422b-91ae-364da2661108

74 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
23th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

linux

Related CVEs

CVE-2026-7073 7.3
CVE-2026-7072 7.3
CVE-2026-7071 5.3
CVE-2026-7070 7.3
CVE-2026-7069 8.0