7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the
Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks
gcc option is omitted, allows local users to gain privileges via vectors
involving a NULL pointer dereference and an mmap of /dev/net/tun, a
different vulnerability than CVE-2009-1894.