mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
122 lines
4.4 KiB
JSON
122 lines
4.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"ID": "CVE-2009-3725",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5"
|
|
},
|
|
{
|
|
"name": "38905",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/38905"
|
|
},
|
|
{
|
|
"name": "[linux-kernel] 20091002 Re: [PATCH 0/8] SECURITY ISSUE with connector",
|
|
"refsource": "MLIST",
|
|
"url": "http://marc.info/?l=linux-kernel&m=125449888416314&w=2"
|
|
},
|
|
{
|
|
"name": "USN-864-1",
|
|
"refsource": "UBUNTU",
|
|
"url": "http://www.ubuntu.com/usn/usn-864-1"
|
|
},
|
|
{
|
|
"name": "http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/",
|
|
"refsource": "MISC",
|
|
"url": "http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/"
|
|
},
|
|
{
|
|
"name": "http://patchwork.kernel.org/patch/51383/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://patchwork.kernel.org/patch/51383/"
|
|
},
|
|
{
|
|
"name": "37113",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/37113"
|
|
},
|
|
{
|
|
"name": "http://patchwork.kernel.org/patch/51387/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://patchwork.kernel.org/patch/51387/"
|
|
},
|
|
{
|
|
"name": "http://patchwork.kernel.org/patch/51382/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://patchwork.kernel.org/patch/51382/"
|
|
},
|
|
{
|
|
"name": "[oss-security] 20091102 Re: CVE request: kernel: connector security bypass",
|
|
"refsource": "MLIST",
|
|
"url": "http://marc.info/?l=oss-security&m=125716192622235&w=2"
|
|
},
|
|
{
|
|
"name": "[oss-security] 20091102 CVE request: kernel: connector security bypass",
|
|
"refsource": "MLIST",
|
|
"url": "http://marc.info/?l=oss-security&m=125715484511380&w=2"
|
|
},
|
|
{
|
|
"name": "http://patchwork.kernel.org/patch/51384/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://patchwork.kernel.org/patch/51384/"
|
|
},
|
|
{
|
|
"name": "36834",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/36834"
|
|
}
|
|
]
|
|
}
|
|
} |