CVE 2009-3725
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.
Related bugs and status
CVE-2009-3725 (Candidate) is related to these bugs:
Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
395973 | Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities | The Dell Mini Project | Undecided | Confirmed |
Bug #431963: io/fs errors when launching gdm on imx51 with sata
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
431963 | io/fs errors when launching gdm on imx51 with sata | linux-fsl-imx51 (Ubuntu) | High | Fix Released | ||
431963 | io/fs errors when launching gdm on imx51 with sata | linux-fsl-imx51 (Ubuntu Karmic) | High | Fix Released | ||
431963 | io/fs errors when launching gdm on imx51 with sata | linux-fsl-imx51 (Ubuntu Lucid) | High | Fix Released |
Bug #453682: late resume failure on dove
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
453682 | late resume failure on dove | linux-mvl-dove (Ubuntu) | High | Fix Released | ||
453682 | late resume failure on dove | linux-mvl-dove (Ubuntu Karmic) | High | Fix Released | ||
453682 | late resume failure on dove | linux-mvl-dove (Ubuntu Lucid) | High | Fix Released |
Bug #491301: [Karmic] mac80211: Fix remotly triggerable problems in the stack
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
491301 | [Karmic] mac80211: Fix remotly triggerable problems in the stack | linux (Ubuntu) | High | Fix Released |
Bug #494831: Alignment trap/Unhandled fault errors on boot
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
494831 | Alignment trap/Unhandled fault errors on boot | linux-mvl-dove (Ubuntu) | Critical | Fix Released | ||
494831 | Alignment trap/Unhandled fault errors on boot | linux-mvl-dove (Ubuntu Lucid) | Critical | Fix Released | ||
494831 | Alignment trap/Unhandled fault errors on boot | linux-mvl-dove (Ubuntu Karmic) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.