CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
5.7 | $0-$5k | 0.00 |
A vulnerability has been found in Linux Kernel 2.6.23 (Operating System) and classified as problematic. This vulnerability affects the function kill_something_info
. The manipulation with an unknown input leads to a access control vulnerability. The CWE definition for the vulnerability is CWE-264. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.
The bug was discovered 04/20/2009. The weakness was presented 04/22/2009 by Daniel Hokka Zakrisson as Bug 496031 as not defined bug report (Bugzilla). The advisory is shared for download at bugzilla.redhat.com. This vulnerability was named CVE-2009-1338 since 04/17/2009. The exploitation appears to be easy. The attack needs to be approached locally. No form of authentication is required for a successful exploitation. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1068.
The vulnerability was handled as a non-public zero-day exploit for at least 561 days. During that time the estimated underground price was around $25k-$100k. The vulnerability scanner Nessus provides a plugin with the ID 38668 (Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Debian Local Security Checks and running in the context l.
Upgrading eliminates this vulnerability. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (50386) and Tenable (38668). See 45624, 45355, 47924 and 47913 for similar entries.
Product
Type
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.7
VulDB Base Score: 5.9
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Access controlCWE: CWE-264
ATT&CK: T1068
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Nessus ID: 38668
Nessus Name: Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 63939
OpenVAS Name: Debian Security Advisory DSA 1787-1 (linux-2.6.24)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Timeline
10/09/2007 🔍07/17/2008 🔍
07/17/2008 🔍
04/17/2009 🔍
04/20/2009 🔍
04/22/2009 🔍
04/22/2009 🔍
05/02/2009 🔍
05/04/2009 🔍
05/04/2009 🔍
05/12/2009 🔍
03/17/2015 🔍
09/03/2019 🔍
Sources
Vendor: kernel.orgAdvisory: Bug 496031
Researcher: Daniel Hokka Zakrisson
Status: Not defined
Confirmation: 🔍
CVE: CVE-2009-1338 (🔍)
OVAL: 🔍
X-Force: 50386
Vulnerability Center: 21990 - Linux Kernel < 2.6.28 PID Namespaces Local DoS Vulnerability, Medium
SecurityFocus: 34558 - Linux Kernel 'kill_something_info()' Local Denial of Service Vulnerability
Secunia: 34981 - Debian update for linux-2.6.24, Less Critical
OSVDB: 56430 - CVE-2009-1338 - Linux - Kernel - Security Bypass Issue
See also: 🔍
Entry
Created: 03/17/2015 23:38Updated: 09/03/2019 11:45
Changes: 03/17/2015 23:38 (83), 09/03/2019 11:45 (5)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.