Oval Definition:oval:org.mitre.oval:def:9882
Revision Date:2013-04-29Version:12
Title:The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capability for these mmap operations, and (4) interaction between the mmap_min_addr protection mechanism and certain application programs.
Description:The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capability for these mmap operations, and (4) interaction between the mmap_min_addr protection mechanism and certain application programs.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-2695
Platform(s):CentOS Linux 5
Oracle Linux 5
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • kernel-kdump is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-debug is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-xen is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-headers is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-kdump-devel is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-xen-devel is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-PAE-devel is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-devel is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-PAE is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-debug-devel is earlier than 0:2.6.18-164.6.1.el5
  • OR kernel-doc is earlier than 0:2.6.18-164.6.1.el5
    • BACK