What is the severity of CVE-2009-2692?

CVE-2009-2692 is considered to be a high severity vulnerability due to its potential for local privilege escalation.

How do I fix CVE-2009-2692?

To fix CVE-2009-2692, update your kernel to the recommended versions, such as 0:2.6.24.7-132.el5 or 0:2.6.18-128.7.1.el5.

What are the symptoms of CVE-2009-2692 exploitation?

Exploitation of CVE-2009-2692 may lead to unexpected kernel crashes or system instability due to a NULL pointer dereference.

Which systems are affected by CVE-2009-2692?

CVE-2009-2692 affects various Linux kernel versions, particularly those before version 2.6.30.5.

Can CVE-2009-2692 be exploited without authentication?

Yes, CVE-2009-2692 can be exploited by a local user without requiring authentication, leading to potential privilege escalation.

Vulnerability/
CVE-2009-2692

high

7.8

CWE

119 476 456 908

12/8/2009

13/8/2009

14/8/2009

7/8/2024

CVE-2009-2692: Buffer Overflow

First published: Wed Aug 12 2009(Updated: )

Description of problem: Reported by Tavis Ormandy and Julien Tinnes. The SOCKOPS_WRAP macro from include/linux/net.h doesn't initialise the sendpage operation in the proto_ops structure correctly. Leading to a kernel NULL pointer dereference, and thus a local privilege escalation. Acknowledgements: Red Hat would like to thank Tavis Ormandy and Julien Tinnes of the Google Security Team for responsibly reporting this flaw.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
redhat/kernel-rt	<0:2.6.24.7-132.el5	0:2.6.24.7-132.el5
redhat/kernel	<0:2.6.18-128.7.1.el5	0:2.6.18-128.7.1.el5
redhat/kernel	<0:2.6.18-92.1.28.el5	0:2.6.18-92.1.28.el5
Linux kernel	=2.4.19
Linux kernel	=2.4.15
Linux kernel	=2.4.30-rc3
Linux kernel	=2.4.27
Linux kernel	=2.6.11
Linux kernel	=2.6.16.16
Linux kernel	=2.6.11.2
Linux kernel	=2.6.15.3
Linux kernel	=2.4.11
Linux kernel	=2.6.11.10
Linux kernel	=2.6.1
Linux kernel	=2.4.32
Linux kernel	=2.6.14.7
Linux kernel	=2.4.23
Linux kernel	=2.6.13
Linux kernel	=2.6.13.3
Linux kernel	=2.6.11.8
Linux kernel	=2.4.36.6
Linux kernel	=2.4.26
Linux kernel	=2.4.18
Linux kernel	=2.4.27
Linux kernel	=2.6.30-rc2
Linux kernel	=2.6.14.4
Linux kernel	=2.6.14
Linux kernel	=2.4.18
Linux kernel	=2.4.18
Linux kernel	=2.6.16.18
Linux kernel	=2.6.10
Linux kernel	=2.4.12
Linux kernel	=2.6.14.3
Linux kernel	=2.6.30-rc3
Linux kernel	=2.4.13
Linux kernel	=2.6.11.6
Linux kernel	=2.6.11.11
Linux kernel	=2.6.16.13
Linux kernel	=2.4.36.2
Linux kernel	=2.4.17
Linux kernel	=2.6.16.15
Linux kernel	=2.4.33.2
Linux kernel	=2.6.15.6
Linux kernel	=2.4.19
Linux kernel	=2.6.15.1
Linux kernel	=2.6.11.5
Linux kernel	=2.4.21
Linux kernel	=2.6.16.1
Linux kernel	=2.4.23
Linux kernel	=2.6.14.5
Linux kernel	=2.6.13.2
Linux kernel	=2.4.36.1
Linux kernel	=2.6.13.5
Linux kernel	=2.4.7
Linux kernel	=2.6.16.11
Linux kernel	=2.4.25
Linux kernel	=2.6.16.14
Linux kernel	=2.6.16.25
Linux kernel	=2.4.31--pre1
Linux kernel	=2.6.16.21
Linux kernel	=2.6.16.28
Linux kernel	=2.6.14.1
Linux kernel	=2.4.9
Linux kernel	=2.6.16.23
Linux kernel	=2.6.12.5
Linux kernel	=2.6.15.7
Linux kernel	=2.4.18
Linux kernel	=2.4.29--rc2
Linux kernel	=2.4.21
Linux kernel	=2.4.36.4
Linux kernel	=2.4.34
Linux kernel	=2.6.14.6
Linux kernel	=2.6.12.1
Linux kernel	=2.6.11.9
Linux kernel	=2.4.19
Linux kernel	=2.4.30
Linux kernel	=2.4.28
Linux kernel	=2.4.19
Linux kernel	=2.4.35.3
Linux kernel	=2.4.32--pre2
Linux kernel	=2.6.0
Linux kernel	=2.4.21
Linux kernel	=2.4.36.3
Linux kernel	=2.6.13.4
Linux kernel	=2.4.27
Linux kernel	=2.4.24
Linux kernel	=2.4.10
Linux kernel	=2.6.12.2
Linux kernel	=2.4.27
Linux kernel	=2.6.30-rc5
Linux kernel	=2.6.16.26
Linux kernel	=2.4.18
Linux kernel	=2.4.30-rc2
Linux kernel	=2.4.33
Linux kernel	=2.4.16
Linux kernel	=2.4.8
Linux kernel	=2.4.19
Linux kernel	=2.4.14
Linux kernel	=2.4.33.7
Linux kernel	=2.6.16
Linux kernel	=2.6.30.4
Linux kernel	=2.6.15.2
Linux kernel	=2.6.16.22
Linux kernel	=2.4.18
Linux kernel	=2.4.33.3
Linux kernel	=2.4.18
Linux kernel	=2.4.29--rc1
Linux kernel	=2.6.16.10
Linux kernel	=2.6.12.4
Linux kernel	=2.6.11.3
Linux kernel	=2.6.16.24
Linux kernel	=2.4.23
Red Hat Kernel-devel	=2.6.24.7
Linux kernel	=2.6.12.3
Linux kernel	=2.4.21
Linux kernel	=2.6.30.2
Linux kernel	=2.4.33.4
Linux kernel	=2.4.22
Linux kernel	=2.4.18
Linux kernel	=2.4.5
Linux kernel	=2.4.36.7
Linux kernel	=2.6.15.4
Linux kernel	=2.6.30.1
Linux kernel	=2.6.16.17
Linux kernel	=2.4.18
Linux kernel	=2.6.16.12
Linux kernel	=2.4.18
Linux kernel	=2.6.16.27
Linux kernel	=2.4.33-p-re1
Linux kernel	=2.6.12.6
Linux kernel	=2.6.11.7
Linux kernel	=2.6.16.2
Linux kernel	=2.6.15
Linux kernel	=2.4.37.1
Linux kernel	=2.4.36
Linux kernel	=2.4.27
Linux kernel	=2.4.4
Linux kernel	=2.4.32--pre1
Linux kernel	=2.4.19
Red Hat Kernel-devel	=2.6.25.15
Linux kernel	=2.6.14.2
Linux kernel	=2.4.36.5
Linux kernel	=2.4.27
Linux kernel	=2.4.6
Linux kernel	=2.4.33.5
Linux kernel	=2.4.19
Linux kernel	=2.6.30-rc6
Linux kernel	=2.4.37--rc1
Linux kernel	=2.4.29
Linux kernel	=2.6.30-rc1
Linux kernel	=2.6.30
Linux kernel	=2.6.11.4
Linux kernel	=2.6.16.19
Linux kernel	=2.4.20
Linux kernel	=2.6.11.12
Linux kernel	=2.6.16.20
Linux kernel	=2.6.15.5
Linux kernel	=2.4.36.8
Linux kernel	=2.6.30-rc7-git6
Linux kernel	=2.6.11.1
Linux kernel	=2.6.13.1
Linux kernel	=2.6
Linux kernel	=2.6.12
Linux Kernel	>=2.4.4<2.4.37.5
Linux Kernel	>=2.6.0<2.6.30.5
Debian	=4.0
SUSE Linux Enterprise Real Time Extension	=10
Red Hat Enterprise Linux Desktop	=4.0
Red Hat Enterprise Linux Desktop	=5.0
Red Hat Enterprise Linux Server EUS	=4.8
Red Hat Enterprise Linux Server EUS	=5.3
Red Hat Enterprise Linux Server	=4.0
Red Hat Enterprise Linux Server	=5.0
Red Hat Enterprise Linux Server	=5.3
Red Hat Enterprise Linux Workstation	=4.0
Red Hat Enterprise Linux Workstation	=5.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2009-2692?
CVE-2009-2692 is considered to be a high severity vulnerability due to its potential for local privilege escalation.
How do I fix CVE-2009-2692?
To fix CVE-2009-2692, update your kernel to the recommended versions, such as 0:2.6.24.7-132.el5 or 0:2.6.18-128.7.1.el5.
What are the symptoms of CVE-2009-2692 exploitation?
Exploitation of CVE-2009-2692 may lead to unexpected kernel crashes or system instability due to a NULL pointer dereference.
Which systems are affected by CVE-2009-2692?
CVE-2009-2692 affects various Linux kernel versions, particularly those before version 2.6.30.5.
Can CVE-2009-2692 be exploited without authentication?
Yes, CVE-2009-2692 can be exploited by a local user without requiring authentication, leading to potential privilege escalation.

agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2009-2692
collector/redhat-cve
agent/software-canonical-lookup
agent/references
agent/remedy
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/author
collector/nvd-api
source/NVD
agent/software-canonical-lookup-request
agent/tags
collector/nvd-historical
collector/nvd-index
agent/softwarecombine
package-manager/redhat
vendor/linux
canonical/linux kernel
version/linux kernel/2.4.4
version/linux kernel/2.6.0
vendor/debian
canonical/debian
version/debian/4.0
vendor/suse
canonical/suse linux enterprise real time extension
version/suse linux enterprise real time extension/10
vendor/redhat
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/4.0
version/red hat enterprise linux desktop/5.0
canonical/red hat enterprise linux server eus
version/red hat enterprise linux server eus/4.8
version/red hat enterprise linux server eus/5.3
canonical/red hat enterprise linux server
version/red hat enterprise linux server/4.0
version/red hat enterprise linux server/5.0
version/red hat enterprise linux server/5.3
canonical/red hat enterprise linux workstation
version/red hat enterprise linux workstation/4.0
version/red hat enterprise linux workstation/5.0
version/linux kernel/2.4.19
version/linux kernel/2.4.15
version/linux kernel/2.4.30-rc3
version/linux kernel/2.4.27
version/linux kernel/2.6.11
version/linux kernel/2.6.16.16
version/linux kernel/2.6.11.2
version/linux kernel/2.6.15.3
version/linux kernel/2.4.11
version/linux kernel/2.6.11.10
version/linux kernel/2.6.1
version/linux kernel/2.4.32
version/linux kernel/2.6.14.7
version/linux kernel/2.4.23
version/linux kernel/2.6.13
version/linux kernel/2.6.13.3
version/linux kernel/2.6.11.8
version/linux kernel/2.4.36.6
version/linux kernel/2.4.26
version/linux kernel/2.4.18
version/linux kernel/2.6.30-rc2
version/linux kernel/2.6.14.4
version/linux kernel/2.6.14
version/linux kernel/2.6.16.18
version/linux kernel/2.6.10
version/linux kernel/2.4.12
version/linux kernel/2.6.14.3
version/linux kernel/2.6.30-rc3
version/linux kernel/2.4.13
version/linux kernel/2.6.11.6
version/linux kernel/2.6.11.11
version/linux kernel/2.6.16.13
version/linux kernel/2.4.36.2
version/linux kernel/2.4.17
version/linux kernel/2.6.16.15
version/linux kernel/2.4.33.2
version/linux kernel/2.6.15.6
version/linux kernel/2.6.15.1
version/linux kernel/2.6.11.5
version/linux kernel/2.4.21
version/linux kernel/2.6.16.1
version/linux kernel/2.6.14.5
version/linux kernel/2.6.13.2
version/linux kernel/2.4.36.1
version/linux kernel/2.6.13.5
version/linux kernel/2.4.7
version/linux kernel/2.6.16.11
version/linux kernel/2.4.25
version/linux kernel/2.6.16.14
version/linux kernel/2.6.16.25
version/linux kernel/2.4.31--pre1
version/linux kernel/2.6.16.21
version/linux kernel/2.6.16.28
version/linux kernel/2.6.14.1
version/linux kernel/2.4.9
version/linux kernel/2.6.16.23
version/linux kernel/2.6.12.5
version/linux kernel/2.6.15.7
version/linux kernel/2.4.29--rc2
version/linux kernel/2.4.36.4
version/linux kernel/2.4.34
version/linux kernel/2.6.14.6
version/linux kernel/2.6.12.1
version/linux kernel/2.6.11.9
version/linux kernel/2.4.30
version/linux kernel/2.4.28
version/linux kernel/2.4.35.3
version/linux kernel/2.4.32--pre2
version/linux kernel/2.4.36.3
version/linux kernel/2.6.13.4
version/linux kernel/2.4.24
version/linux kernel/2.4.10
version/linux kernel/2.6.12.2
version/linux kernel/2.6.30-rc5
version/linux kernel/2.6.16.26
version/linux kernel/2.4.30-rc2
version/linux kernel/2.4.33
version/linux kernel/2.4.16
version/linux kernel/2.4.8
version/linux kernel/2.4.14
version/linux kernel/2.4.33.7
version/linux kernel/2.6.16
version/linux kernel/2.6.30.4
version/linux kernel/2.6.15.2
version/linux kernel/2.6.16.22
version/linux kernel/2.4.33.3
version/linux kernel/2.4.29--rc1
version/linux kernel/2.6.16.10
version/linux kernel/2.6.12.4
version/linux kernel/2.6.11.3
version/linux kernel/2.6.16.24
canonical/red hat kernel-devel
version/red hat kernel-devel/2.6.24.7
version/linux kernel/2.6.12.3
version/linux kernel/2.6.30.2
version/linux kernel/2.4.33.4
version/linux kernel/2.4.22
version/linux kernel/2.4.5
version/linux kernel/2.4.36.7
version/linux kernel/2.6.15.4
version/linux kernel/2.6.30.1
version/linux kernel/2.6.16.17
version/linux kernel/2.6.16.12
version/linux kernel/2.6.16.27
version/linux kernel/2.4.33-p-re1
version/linux kernel/2.6.12.6
version/linux kernel/2.6.11.7
version/linux kernel/2.6.16.2
version/linux kernel/2.6.15
version/linux kernel/2.4.37.1
version/linux kernel/2.4.36
version/linux kernel/2.4.32--pre1
version/red hat kernel-devel/2.6.25.15
version/linux kernel/2.6.14.2
version/linux kernel/2.4.36.5
version/linux kernel/2.4.6
version/linux kernel/2.4.33.5
version/linux kernel/2.6.30-rc6
version/linux kernel/2.4.37--rc1
version/linux kernel/2.4.29
version/linux kernel/2.6.30-rc1
version/linux kernel/2.6.30
version/linux kernel/2.6.11.4
version/linux kernel/2.6.16.19
version/linux kernel/2.4.20
version/linux kernel/2.6.11.12
version/linux kernel/2.6.16.20
version/linux kernel/2.6.15.5
version/linux kernel/2.4.36.8
version/linux kernel/2.6.30-rc7-git6
version/linux kernel/2.6.11.1
version/linux kernel/2.6.13.1
version/linux kernel/2.6
version/linux kernel/2.6.12

CVE-2009-2692: Buffer Overflow

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2009-2692?

How do I fix CVE-2009-2692?

What are the symptoms of CVE-2009-2692 exploitation?

Which systems are affected by CVE-2009-2692?

Can CVE-2009-2692 be exploited without authentication?

Company

Resources

Contact