CVE-2009-2848

Common Vulnerabilities and Exposures

Upstream information

CVE-2009-2848 at MITRE

Description

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.

NVD CVSS v2 Base Score: 4.7 (AV:L/AC:M/Au:N/C:N/I:N/A:C)

Novell/SUSE information

Novell Bugzilla entry: 527865

SUSE Security Advisories:

SUSE-SA:2009:054, published Wed, 11 Nov 2009 15:00:00 +0000
SUSE-SA:2009:056, published Mon, 16 Nov 2009 13:00:00 +0000
SUSE-SA:2010:012, published Mon, 15 Feb 2010 16:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.37_0.1-2.1.18` `cluster-network-kmp-pae >= 1.4_2.6.27.37_0.1-2.1.18` `cluster-network-kmp-xen >= 1.4_2.6.27.37_0.1-2.1.18`	sle11-debuginfo.x86 sles11.x86 sle11-hae.x86 sled11.x86 sle11-sdk.x86 SAT Patch Nr: 1413
Novell Linux Desktop 9 for x86_64	`kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	sles9-nld.x86-64 YOU Patch Nr: 12547
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IPF	`kernel-debug-debuginfo >= 2.6.16.60-0.42.7` `kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-source-debuginfo >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.ia64 sle10-sp2-sdk.ia64 sles10-sp2.ia64 ZYPP Patch Nr: 6633
SUSE Linux Enterprise Server 10 SP2 for IPF	`kernel-debug >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.ia64 sle10-sp2-sdk.ia64 sles10-sp2.ia64 ZYPP Patch Nr: 6633
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit	`kernel-default-debuginfo >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.s390x sles10-sp2.s390x ZYPP Patch Nr: 6635
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit	`kernel-default >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7`	sles10-sp2-debuginfo.s390x sles10-sp2.s390x ZYPP Patch Nr: 6635
SUSE CORE 9 for IBM S/390 31bit	`kernel-s390 >= 2.6.5-7.321` `kernel-s390-debug >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.s390 YOU Patch Nr: 12544
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.37_0.1-2.1.18`	sle11-debuginfo.ia64 sles11.ia64 sle11-hae.ia64 SAT Patch Nr: 1409
Novell Linux POS 9 SUSE CORE 9 for x86	`kernel-bigsmp >= 2.6.5-7.321` `kernel-debug >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321` `kernel-um >= 2.6.5-7.321` `kernel-xen >= 2.6.5-7.321` `kernel-xenpae >= 2.6.5-7.321` `um-host-install-initrd >= 1.0-48.34` `um-host-kernel >= 2.6.5-7.321` `xen-kmp >= 3.0.4_2.6.5_7.321-0.2`	core9.x86 sles9-nlpos.x86 YOU Patch Nr: 12541
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.37_0.1-2.1.18` `cluster-network-kmp-xen >= 1.4_2.6.27.37_0.1-2.1.18`	sle11-hae.x86-64 sle11-debuginfo.x86-64 sled11.x86-64 sle11-sdk.x86-64 sles11.x86-64 SAT Patch Nr: 1412
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.37_0.1-2.1.18`	sle11-debuginfo.s390x sle11-hae.s390x sles11.s390x SAT Patch Nr: 1410
SUSE CORE 9 for Itanium Processor Family	`kernel-64k-pagesize >= 2.6.5-7.321` `kernel-debug >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-sn2 >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.ia64 YOU Patch Nr: 12542
SUSE CORE 9 for IBM zSeries 64bit	`kernel-s390x >= 2.6.5-7.321` `kernel-s390x-debug >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.s390x YOU Patch Nr: 12545
SUSE CORE 9 for IBM POWER	`kernel-default >= 2.6.5-7.321` `kernel-iseries64 >= 2.6.5-7.321` `kernel-pmac64 >= 2.6.5-7.321` `kernel-pseries64 >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	core9.ppc YOU Patch Nr: 12543
SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM POWER	`kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-iseries64-debuginfo >= 2.6.16.60-0.42.7` `kernel-kdump-debuginfo >= 2.6.16.60-0.42.7` `kernel-ppc64-debuginfo >= 2.6.16.60-0.42.7`	sles10-sp2.ppc sles10-sp2-debuginfo.ppc sle10-sp2-sdk.ppc ZYPP Patch Nr: 6634
SUSE Linux Enterprise Server 10 SP2 for IBM POWER	`kernel-default >= 2.6.16.60-0.42.7` `kernel-iseries64 >= 2.6.16.60-0.42.7` `kernel-kdump >= 2.6.16.60-0.42.7` `kernel-ppc64 >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7`	sles10-sp2.ppc sles10-sp2-debuginfo.ppc sle10-sp2-sdk.ppc ZYPP Patch Nr: 6634
SUSE CORE 9 for AMD64 and Intel EM64T	`kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321` `kernel-xen >= 2.6.5-7.321` `xen-kmp >= 3.0.4_2.6.5_7.321-0.2`	core9.x86-64 YOU Patch Nr: 12546
SUSE Linux Enterprise Desktop 10 SP2 for x86	`kernel-bigsmp >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7` `kernel-xenpae >= 2.6.16.60-0.42.7`	sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6632
SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86	`kernel-bigsmp-debuginfo >= 2.6.16.60-0.42.7` `kernel-debug-debuginfo >= 2.6.16.60-0.42.7` `kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-kdump-debuginfo >= 2.6.16.60-0.42.7` `kernel-smp-debuginfo >= 2.6.16.60-0.42.7` `kernel-source-debuginfo >= 2.6.16.60-0.42.7` `kernel-xen-debuginfo >= 2.6.16.60-0.42.7` `kernel-xenpae-debuginfo >= 2.6.16.60-0.42.7`	sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6632
SUSE Linux Enterprise Server 10 SP2 for x86	`kernel-bigsmp >= 2.6.16.60-0.42.7` `kernel-debug >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-kdump >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-vmi >= 2.6.16.60-0.42.7` `kernel-vmipae >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7` `kernel-xenpae >= 2.6.16.60-0.42.7`	sled10-sp2.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 sles10-sp2-debuginfo.x86 ZYPP Patch Nr: 6632
SUSE CORE 9 for AMD64 and Intel EM64T	`kernel-default >= 2.6.5-7.329.TDC` `kernel-smp >= 2.6.5-7.329.TDC` `kernel-source >= 2.6.5-7.329.TDC` `kernel-syms >= 2.6.5-7.329.TDC` `xen-kmp >= 3.0.4_2.6.5_7.329.TDC_-0.3`	Builds YOU Patch Nr: 12814
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T	`kernel-default >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7`	sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 sles10-sp2-debuginfo.x86-64 ZYPP Patch Nr: 6636
SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T	`kernel-debug-debuginfo >= 2.6.16.60-0.42.7` `kernel-default-debuginfo >= 2.6.16.60-0.42.7` `kernel-kdump-debuginfo >= 2.6.16.60-0.42.7` `kernel-smp-debuginfo >= 2.6.16.60-0.42.7` `kernel-source-debuginfo >= 2.6.16.60-0.42.7` `kernel-xen-debuginfo >= 2.6.16.60-0.42.7`	sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 sles10-sp2-debuginfo.x86-64 ZYPP Patch Nr: 6636
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T	`kernel-debug >= 2.6.16.60-0.42.7` `kernel-default >= 2.6.16.60-0.42.7` `kernel-kdump >= 2.6.16.60-0.42.7` `kernel-smp >= 2.6.16.60-0.42.7` `kernel-source >= 2.6.16.60-0.42.7` `kernel-syms >= 2.6.16.60-0.42.7` `kernel-xen >= 2.6.16.60-0.42.7`	sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 sles10-sp2-debuginfo.x86-64 ZYPP Patch Nr: 6636
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.37_0.1-2.1.18`	sles11.ppc sle11-debuginfo.ppc sle11-hae.ppc SAT Patch Nr: 1411
Novell Linux Desktop 9 for x86	`kernel-bigsmp >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321`	sles9-nld.x86 sles9-oes.x86 YOU Patch Nr: 12548
Open Enterprise Server	`kernel-bigsmp >= 2.6.5-7.321` `kernel-debug >= 2.6.5-7.321` `kernel-default >= 2.6.5-7.321` `kernel-smp >= 2.6.5-7.321` `kernel-source >= 2.6.5-7.321` `kernel-syms >= 2.6.5-7.321` `kernel-um >= 2.6.5-7.321` `kernel-xen >= 2.6.5-7.321` `kernel-xenpae >= 2.6.5-7.321` `um-host-install-initrd >= 1.0-48.34` `um-host-kernel >= 2.6.5-7.321` `xen-kmp >= 3.0.4_2.6.5_7.321-0.2`	sles9-nld.x86 sles9-oes.x86 YOU Patch Nr: 12548

Markets

Products By Category

Novell

NetIQ (Moving soon to NetIQ.com)

A-Z

Contribute