CVE-2009-3725 Information
Share on:Description
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb (2) pohmelfs (3) dst or (4) dm subsystem which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.
Reference
http://marc.info/?l=linux-kernel&m=125449888416314&w=2 http://marc.info/?l=oss-security&m=125715484511380&w=2 http://marc.info/?l=oss-security&m=125716192622235&w=2 http://patchwork.kernel.org/patch/51382/ http://patchwork.kernel.org/patch/51383/ http://patchwork.kernel.org/patch/51384/ http://patchwork.kernel.org/patch/51387/ http://secunia.com/advisories/37113 http://secunia.com/advisories/38905 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5 http://www.securityfocus.com/bid/36834 http://www.ubuntu.com/usn/usn-864-1 http://xorl.wordpress.com/2009/10/31/linux-kernel-multiple-capabilities-missing-checks/