Lucene search
MitreCVE-2009-1338HistoryApr 22, 2009 - 3:30 p.m.
CVE-2009-1338
2009-04-2215:30:00
CWE-264
mitre
web.nvd.nist.gov
69
3
cve-2009-1338
linux kernel
signal processing
pid namespaces
namespace isolation
arbitrary signals
nvd
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
4.2
Confidence
High
EPSS
0
Percentile
10.1%
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.
Affected configurations
Node
linuxlinux_kernelRange≤2.6.27.21
ORlinuxlinux_kernelMatch2.2.27
ORlinuxlinux_kernelMatch2.4.36
ORlinuxlinux_kernelMatch2.4.36.1
ORlinuxlinux_kernelMatch2.4.36.2
ORlinuxlinux_kernelMatch2.4.36.3
ORlinuxlinux_kernelMatch2.4.36.4
ORlinuxlinux_kernelMatch2.4.36.5
ORlinuxlinux_kernelMatch2.4.36.6
ORlinuxlinux_kernelMatch2.6
ORlinuxlinux_kernelMatch2.6.18
ORlinuxlinux_kernelMatch2.6.18rc1
ORlinuxlinux_kernelMatch2.6.18rc2
ORlinuxlinux_kernelMatch2.6.18rc3
ORlinuxlinux_kernelMatch2.6.18rc4
ORlinuxlinux_kernelMatch2.6.18rc5
ORlinuxlinux_kernelMatch2.6.18rc6
ORlinuxlinux_kernelMatch2.6.18rc7
ORlinuxlinux_kernelMatch2.6.19.4
ORlinuxlinux_kernelMatch2.6.19.5
ORlinuxlinux_kernelMatch2.6.19.6
ORlinuxlinux_kernelMatch2.6.19.7
ORlinuxlinux_kernelMatch2.6.20.16
ORlinuxlinux_kernelMatch2.6.20.17
ORlinuxlinux_kernelMatch2.6.20.18
ORlinuxlinux_kernelMatch2.6.20.19
ORlinuxlinux_kernelMatch2.6.20.20
ORlinuxlinux_kernelMatch2.6.20.21
ORlinuxlinux_kernelMatch2.6.21.5
ORlinuxlinux_kernelMatch2.6.21.6
ORlinuxlinux_kernelMatch2.6.21.7
ORlinuxlinux_kernelMatch2.6.22
ORlinuxlinux_kernelMatch2.6.22.1
ORlinuxlinux_kernelMatch2.6.22.2
ORlinuxlinux_kernelMatch2.6.22.8
ORlinuxlinux_kernelMatch2.6.22.9
ORlinuxlinux_kernelMatch2.6.22.10
ORlinuxlinux_kernelMatch2.6.22.11
ORlinuxlinux_kernelMatch2.6.22.12
ORlinuxlinux_kernelMatch2.6.22.13
ORlinuxlinux_kernelMatch2.6.22.14
ORlinuxlinux_kernelMatch2.6.22.15
ORlinuxlinux_kernelMatch2.6.22.17
ORlinuxlinux_kernelMatch2.6.22.18
ORlinuxlinux_kernelMatch2.6.22.19
ORlinuxlinux_kernelMatch2.6.22.20
ORlinuxlinux_kernelMatch2.6.22.21
ORlinuxlinux_kernelMatch2.6.22.22
ORlinuxlinux_kernelMatch2.6.22_rc1
ORlinuxlinux_kernelMatch2.6.22_rc7
ORlinuxlinux_kernelMatch2.6.23
ORlinuxlinux_kernelMatch2.6.23.8
ORlinuxlinux_kernelMatch2.6.23.9
ORlinuxlinux_kernelMatch2.6.23.10
ORlinuxlinux_kernelMatch2.6.23.11
ORlinuxlinux_kernelMatch2.6.23.12
ORlinuxlinux_kernelMatch2.6.23.13
ORlinuxlinux_kernelMatch2.6.23.15
ORlinuxlinux_kernelMatch2.6.23.16
ORlinuxlinux_kernelMatch2.6.23.17
ORlinuxlinux_kernelMatch2.6.23_rc1
ORlinuxlinux_kernelMatch2.6.24
ORlinuxlinux_kernelMatch2.6.24.1
ORlinuxlinux_kernelMatch2.6.24.2
ORlinuxlinux_kernelMatch2.6.24.3
ORlinuxlinux_kernelMatch2.6.24.4
ORlinuxlinux_kernelMatch2.6.24.5
ORlinuxlinux_kernelMatch2.6.24.6
ORlinuxlinux_kernelMatch2.6.24.7
ORlinuxlinux_kernelMatch2.6.24_rc1
ORlinuxlinux_kernelMatch2.6.24_rc4
ORlinuxlinux_kernelMatch2.6.24_rc5
ORlinuxlinux_kernelMatch2.6.25
ORlinuxlinux_kernelMatch2.6.25x86_64
ORlinuxlinux_kernelMatch2.6.25.1
ORlinuxlinux_kernelMatch2.6.25.1x86_64
ORlinuxlinux_kernelMatch2.6.25.2
ORlinuxlinux_kernelMatch2.6.25.2x86_64
ORlinuxlinux_kernelMatch2.6.25.3
ORlinuxlinux_kernelMatch2.6.25.3x86_64
ORlinuxlinux_kernelMatch2.6.25.4
ORlinuxlinux_kernelMatch2.6.25.4x86_64
ORlinuxlinux_kernelMatch2.6.25.5
ORlinuxlinux_kernelMatch2.6.25.5x86_64
ORlinuxlinux_kernelMatch2.6.25.6
ORlinuxlinux_kernelMatch2.6.25.6x86_64
ORlinuxlinux_kernelMatch2.6.25.7
ORlinuxlinux_kernelMatch2.6.25.7x86_64
ORlinuxlinux_kernelMatch2.6.25.8
ORlinuxlinux_kernelMatch2.6.25.8x86_64
ORlinuxlinux_kernelMatch2.6.25.9
ORlinuxlinux_kernelMatch2.6.25.9x86_64
ORlinuxlinux_kernelMatch2.6.25.10
ORlinuxlinux_kernelMatch2.6.25.10x86_64
ORlinuxlinux_kernelMatch2.6.25.11
ORlinuxlinux_kernelMatch2.6.25.11x86_64
ORlinuxlinux_kernelMatch2.6.25.12
ORlinuxlinux_kernelMatch2.6.25.12x86_64
ORlinuxlinux_kernelMatch2.6.25.13
ORlinuxlinux_kernelMatch2.6.25.14
ORlinuxlinux_kernelMatch2.6.25.15
ORlinuxlinux_kernelMatch2.6.25.16
ORlinuxlinux_kernelMatch2.6.25.17
ORlinuxlinux_kernelMatch2.6.26
ORlinuxlinux_kernelMatch2.6.26.1
ORlinuxlinux_kernelMatch2.6.26.2
ORlinuxlinux_kernelMatch2.6.26.3
ORlinuxlinux_kernelMatch2.6.26.4
ORlinuxlinux_kernelMatch2.6.26.5
ORlinuxlinux_kernelMatch2.6.27
ORlinuxlinux_kernelMatch2.6.27.1
ORlinuxlinux_kernelMatch2.6.27.2
ORlinuxlinux_kernelMatch2.6.27.3
ORlinuxlinux_kernelMatch2.6.27.4
ORlinuxlinux_kernelMatch2.6.27.5
ORlinuxlinux_kernelMatch2.6.27.6
ORlinuxlinux_kernelMatch2.6.27.7
ORlinuxlinux_kernelMatch2.6.27.8
ORlinuxlinux_kernelMatch2.6.27.9
ORlinuxlinux_kernelMatch2.6.27.10
ORlinuxlinux_kernelMatch2.6.27.11
ORlinuxlinux_kernelMatch2.6.27.12
ORlinuxlinux_kernelMatch2.6.27.13
ORlinuxlinux_kernelMatch2.6.27.14
ORlinuxlinux_kernelMatch2.6.27.15
ORlinuxlinux_kernelMatch2.6.27.16
ORlinuxlinux_kernelMatch2.6.27.17
ORlinuxlinux_kernelMatch2.6.27.18
ORlinuxlinux_kernelMatch2.6.27.19
ORlinuxlinux_kernelMatch2.6.27.20
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.2.27 | cpe:2.3:o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.4.36 | cpe:2.3:o:linux:linux_kernel:2.4.36:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.4.36.1 | cpe:2.3:o:linux:linux_kernel:2.4.36.1:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.4.36.2 | cpe:2.3:o:linux:linux_kernel:2.4.36.2:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.4.36.3 | cpe:2.3:o:linux:linux_kernel:2.4.36.3:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.4.36.4 | cpe:2.3:o:linux:linux_kernel:2.4.36.4:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.4.36.5 | cpe:2.3:o:linux:linux_kernel:2.4.36.5:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.4.36.6 | cpe:2.3:o:linux:linux_kernel:2.4.36.6:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6 | cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:* |
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d25141a818383b3c3b09f065698c544a7a0ec6e7
lkml.org/lkml/2008/7/23/148
secunia.com/advisories/34981
secunia.com/advisories/35120
secunia.com/advisories/35121
secunia.com/advisories/35343
secunia.com/advisories/35656
wiki.rpath.com/Advisories:rPSA-2009-0084
www.debian.org/security/2009/dsa-1787
www.debian.org/security/2009/dsa-1800
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28
www.openwall.com/lists/oss-security/2009/04/16/2
www.openwall.com/lists/oss-security/2009/04/17/4
www.openwall.com/lists/oss-security/2009/04/21/1
www.redhat.com/support/errata/RHSA-2009-1081.html
www.securityfocus.com/archive/1/503610/100/0/threaded
www.ubuntu.com/usn/usn-793-1
bugzilla.redhat.com/show_bug.cgi?id=496031
exchange.xforce.ibmcloud.com/vulnerabilities/50386
Social References
More
Related
cvelist
cvelist
CVE-2009-1338
2009-04-22 15:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:38:20
prion
prion
Command injection
2009-04-22 15:30:00
ubuntucve
ubuntucve
CVE-2009-1338
2009-04-22 00:00:00
nvd
nvd
CVE-2009-1338
2009-04-22 15:30:00
openvas
openvas
RedHat Security Advisory RHSA-2009:1081
2009-06-05 00:00:00
RedHat Security Advisory RHSA-2009:1081
2009-06-05 00:00:00
Debian Security Advisory DSA 1800-1 (linux-2.6)
2009-05-25 00:00:00
redhat
redhat
(RHSA-2009:1081) Important: kernel-rt security and bug fix update
2009-06-03 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2009-05-04 00:00:00
nessus
nessus
debian
debian
osv
osv
linux-2.6 user-mode-linux - several vulnerabilities
2009-05-15 00:00:00
linux-2.6.24 - several vulnerabilities
2009-05-02 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-07-02 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
4.2
Confidence
High
EPSS
0
Percentile
10.1%
Related for CVE-2009-1338