Secunia
Login
|
|
CVE Reference: CVE-2009-1897 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-1897 |
|
|
Description: The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/51803 SAID Secunia Advisory: SA35839 MLIST http://lkml.org/lkml/2009/7/6/19 http://article.gmane.org/gmane.linux.network/124939 http://www.openwall.com/lists/oss-security/2009/07/17/1 MISC http://grsecurity.net/~spender/cheddar_bay.tgz http://isc.sans.org/diary.html?storyid=6820 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0241.html http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0246.html CONFIRM http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3c8a9c63d5fd738c261bd0ceece04d9c8357ca13 |
|
| Return to the previous page. |
