Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-1883

The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage.

Related bugs and status

CVE-2009-1883 (Candidate) is related to these bugs:

Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities

Summary				In	Importance	Status
	395973	Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: https://bugzilla.redha...
MISC: http://www.redhat.com/...
MISC: http://lists.opensuse....
MISC: http://www.ubuntu.com/...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: https://oval.cisecurit...