CVE-2009-3286: CVE-2009-3286

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-3286

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel权限许可和访问控制漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。当O_EXCL创建失败时，Linux kernel 2.6.18及其他版本中的NFSv4没有正确清楚索引节点，造成文件在被创建时带有不安全的设置，比如setuid bits，并且可能允许本地用户获得特权。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-3286

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-3286

Please Login to view more intelligence information

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=81ac95c5x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=524520x_refsource_CONFIRM
http://secunia.com/advisories/38834third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/38794third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/37105third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-852-1vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/0528vdb-entryx_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2009-1548.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.htmlvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9757vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7527vdb-entrysignaturex_refsource_OVAL
http://www.openwall.com/lists/oss-security/2009/09/21/2mailing-listx_refsource_MLIST
http://lists.vmware.com/pipermail/security-announce/2010/000082.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2009-3286

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-3286

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2009-3286

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-3286

III. Intelligence Information for CVE-2009-3286

IV. Related Vulnerabilities

V. Comments for CVE-2009-3286

Leave a comment