Think you have a false positive on this rule?

Sid 1-16700

Message

PROTOCOL-RPC Linux Kernel nfsd v2 tcp CAP_MKNOD security bypass attempt

Summary

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAPMKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the rootsquash option.

Impact

CVSS base score 4.9 CVSS impact score 6.9 CVSS exploitability score 3.9 confidentialityImpact NONE integrityImpact COMPLETE availabilityImpact COMPLETE

CVE-2009-1072:

CVSS base score 4.9

CVSS impact score 6.9

CVSS exploitability score 3.9

Confidentiality Impact NONE

Integrity Impact COMPLETE

Availability Impact NONE

Detailed information

CVE-2009-1072: nfsd in the Linux kernel before 2.6.28.9 does not drop the CAPMKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the rootsquash option.

Affected systems

  • linux linux_kernel 2.2.27
  • linux linux_kernel 2.4.36
  • linux linux_kernel 2.4.36.1
  • linux linux_kernel 2.4.36.2
  • linux linux_kernel 2.4.36.3
  • linux linux_kernel 2.4.36.4
  • linux linux_kernel 2.4.36.5
  • linux linux_kernel 2.4.36.6
  • linux linux_kernel 2.6
  • linux linux_kernel 2.6.0
  • linux linux_kernel 2.6.1
  • linux linux_kernel 2.6.2
  • linux linux_kernel 2.6.2.27.13
  • linux linux_kernel 2.6.3
  • linux linux_kernel 2.6.4
  • linux linux_kernel 2.6.5
  • linux linux_kernel 2.6.6
  • linux linux_kernel 2.6.7
  • linux linux_kernel 2.6.8
  • linux linux_kernel 2.6.8.1
  • linux linux_kernel 2.6.9
  • linux linux_kernel 2.6.10
  • linux linux_kernel 2.6.11
  • linux linux_kernel 2.6.11.1
  • linux linux_kernel 2.6.11.2
  • linux linux_kernel 2.6.11.3
  • linux linux_kernel 2.6.11.4
  • linux linux_kernel 2.6.11.5
  • linux linux_kernel 2.6.11.6
  • linux linux_kernel 2.6.11.7
  • linux linux_kernel 2.6.11.8
  • linux linux_kernel 2.6.11.9
  • linux linux_kernel 2.6.11.10
  • linux linux_kernel 2.6.11.11
  • linux linux_kernel 2.6.11.12
  • linux linux_kernel 2.6.12
  • linux linux_kernel 2.6.12.1
  • linux linux_kernel 2.6.12.2
  • linux linux_kernel 2.6.12.3
  • linux linux_kernel 2.6.12.4
  • linux linux_kernel 2.6.12.5
  • linux linux_kernel 2.6.12.6
  • linux linux_kernel 2.6.13
  • linux linux_kernel 2.6.13.1
  • linux linux_kernel 2.6.13.2
  • linux linux_kernel 2.6.13.3
  • linux linux_kernel 2.6.13.4
  • linux linux_kernel 2.6.13.5
  • linux linux_kernel 2.6.14
  • linux linux_kernel 2.6.14.1
  • linux linux_kernel 2.6.14.2
  • linux linux_kernel 2.6.14.3
  • linux linux_kernel 2.6.14.4
  • linux linux_kernel 2.6.14.5
  • linux linux_kernel 2.6.14.6
  • linux linux_kernel 2.6.14.7
  • linux linux_kernel 2.6.15
  • linux linux_kernel 2.6.15.1
  • linux linux_kernel 2.6.15.2
  • linux linux_kernel 2.6.15.3
  • linux linux_kernel 2.6.15.4
  • linux linux_kernel 2.6.15.5
  • linux linux_kernel 2.6.15.6
  • linux linux_kernel 2.6.15.7
  • linux linux_kernel 2.6.16
  • linux linux_kernel 2.6.16.1
  • linux linux_kernel 2.6.16.2
  • linux linux_kernel 2.6.16.3
  • linux linux_kernel 2.6.16.4
  • linux linux_kernel 2.6.16.5
  • linux linux_kernel 2.6.16.6
  • linux linux_kernel 2.6.16.7
  • linux linux_kernel 2.6.16.8
  • linux linux_kernel 2.6.16.9
  • linux linux_kernel 2.6.16.10
  • linux linux_kernel 2.6.16.11
  • linux linux_kernel 2.6.16.12
  • linux linux_kernel 2.6.16.13
  • linux linux_kernel 2.6.16.14
  • linux linux_kernel 2.6.16.15
  • linux linux_kernel 2.6.16.16
  • linux linux_kernel 2.6.16.17
  • linux linux_kernel 2.6.16.18
  • linux linux_kernel 2.6.16.19
  • linux linux_kernel 2.6.16.20
  • linux linux_kernel 2.6.16.21
  • linux linux_kernel 2.6.16.22
  • linux linux_kernel 2.6.16.23
  • linux linux_kernel 2.6.16.24
  • linux linux_kernel 2.6.16.25
  • linux linux_kernel 2.6.16.26
  • linux linux_kernel 2.6.16.27
  • linux linux_kernel 2.6.16.28
  • linux linux_kernel 2.6.16.29
  • linux linux_kernel 2.6.16.30
  • linux linux_kernel 2.6.16.31
  • linux linux_kernel 2.6.16.32
  • linux linux_kernel 2.6.16.33
  • linux linux_kernel 2.6.16.34
  • linux linux_kernel 2.6.16.35
  • linux linux_kernel 2.6.16.36
  • linux linux_kernel 2.6.16.37
  • linux linux_kernel 2.6.16.38
  • linux linux_kernel 2.6.16.39
  • linux linux_kernel 2.6.16.40
  • linux linux_kernel 2.6.16.41
  • linux linux_kernel 2.6.16.42
  • linux linux_kernel 2.6.16.43
  • linux linux_kernel 2.6.16.44
  • linux linux_kernel 2.6.16.45
  • linux linux_kernel 2.6.16.46
  • linux linux_kernel 2.6.16.47
  • linux linux_kernel 2.6.16.48
  • linux linux_kernel 2.6.16.49
  • linux linux_kernel 2.6.16.50
  • linux linux_kernel 2.6.16.51
  • linux linux_kernel 2.6.16.52
  • linux linux_kernel 2.6.16.53
  • linux linux_kernel 2.6.16.54
  • linux linux_kernel 2.6.16.55
  • linux linux_kernel 2.6.16.56
  • linux linux_kernel 2.6.16.57
  • linux linux_kernel 2.6.16.58
  • linux linux_kernel 2.6.16.59
  • linux linux_kernel 2.6.16.60
  • linux linux_kernel 2.6.16.61
  • linux linux_kernel 2.6.16.62
  • linux linux_kernel 2.6.17
  • linux linux_kernel 2.6.17.1
  • linux linux_kernel 2.6.17.2
  • linux linux_kernel 2.6.17.3
  • linux linux_kernel 2.6.17.4
  • linux linux_kernel 2.6.17.5
  • linux linux_kernel 2.6.17.6
  • linux linux_kernel 2.6.17.7
  • linux linux_kernel 2.6.17.8
  • linux linux_kernel 2.6.17.9
  • linux linux_kernel 2.6.17.10
  • linux linux_kernel 2.6.17.11
  • linux linux_kernel 2.6.17.12
  • linux linux_kernel 2.6.17.13
  • linux linux_kernel 2.6.17.14
  • linux linux_kernel 2.6.18
  • linux linux_kernel 2.6.18.1
  • linux linux_kernel 2.6.18.2
  • linux linux_kernel 2.6.18.3
  • linux linux_kernel 2.6.18.4
  • linux linux_kernel 2.6.18.5
  • linux linux_kernel 2.6.18.6
  • linux linux_kernel 2.6.18.7
  • linux linux_kernel 2.6.18.8
  • linux linux_kernel 2.6.19
  • linux linux_kernel 2.6.19.1
  • linux linux_kernel 2.6.19.2
  • linux linux_kernel 2.6.19.3
  • linux linux_kernel 2.6.19.4
  • linux linux_kernel 2.6.19.5
  • linux linux_kernel 2.6.19.6
  • linux linux_kernel 2.6.19.7
  • linux linux_kernel 2.6.20
  • linux linux_kernel 2.6.20.1
  • linux linux_kernel 2.6.20.2
  • linux linux_kernel 2.6.20.3
  • linux linux_kernel 2.6.20.4
  • linux linux_kernel 2.6.20.5
  • linux linux_kernel 2.6.20.6
  • linux linux_kernel 2.6.20.7
  • linux linux_kernel 2.6.20.8
  • linux linux_kernel 2.6.20.9
  • linux linux_kernel 2.6.20.10
  • linux linux_kernel 2.6.20.11
  • linux linux_kernel 2.6.20.12
  • linux linux_kernel 2.6.20.13
  • linux linux_kernel 2.6.20.14
  • linux linux_kernel 2.6.20.15
  • linux linux_kernel 2.6.20.16
  • linux linux_kernel 2.6.20.17
  • linux linux_kernel 2.6.20.18
  • linux linux_kernel 2.6.20.19
  • linux linux_kernel 2.6.20.20
  • linux linux_kernel 2.6.20.21
  • linux linux_kernel 2.6.21
  • linux linux_kernel 2.6.21.1
  • linux linux_kernel 2.6.21.2
  • linux linux_kernel 2.6.21.3
  • linux linux_kernel 2.6.21.4
  • linux linux_kernel 2.6.21.5
  • linux linux_kernel 2.6.21.6
  • linux linux_kernel 2.6.21.7
  • linux linux_kernel 2.6.22
  • linux linux_kernel 2.6.22.1
  • linux linux_kernel 2.6.22.2
  • linux linux_kernel 2.6.22.3
  • linux linux_kernel 2.6.22.4
  • linux linux_kernel 2.6.22.5
  • linux linux_kernel 2.6.22.6
  • linux linux_kernel 2.6.22.7
  • linux linux_kernel 2.6.22.8
  • linux linux_kernel 2.6.22.9
  • linux linux_kernel 2.6.22.10
  • linux linux_kernel 2.6.22.11
  • linux linux_kernel 2.6.22.12
  • linux linux_kernel 2.6.22.13
  • linux linux_kernel 2.6.22.14
  • linux linux_kernel 2.6.22.15
  • linux linux_kernel 2.6.22.16
  • linux linux_kernel 2.6.22.17
  • linux linux_kernel 2.6.22.18
  • linux linux_kernel 2.6.22.19
  • linux linux_kernel 2.6.22.20
  • linux linux_kernel 2.6.22.21
  • linux linux_kernel 2.6.22.22
  • linux linuxkernel 2.6.22rc1
  • linux linuxkernel 2.6.22rc7
  • linux linux_kernel 2.6.23
  • linux linux_kernel 2.6.23.1
  • linux linux_kernel 2.6.23.2
  • linux linux_kernel 2.6.23.3
  • linux linux_kernel 2.6.23.4
  • linux linux_kernel 2.6.23.5
  • linux linux_kernel 2.6.23.6
  • linux linux_kernel 2.6.23.7
  • linux linux_kernel 2.6.23.8
  • linux linux_kernel 2.6.23.9
  • linux linux_kernel 2.6.23.10
  • linux linux_kernel 2.6.23.11
  • linux linux_kernel 2.6.23.12
  • linux linux_kernel 2.6.23.13
  • linux linux_kernel 2.6.23.14
  • linux linux_kernel 2.6.23.15
  • linux linux_kernel 2.6.23.16
  • linux linux_kernel 2.6.23.17
  • linux linuxkernel 2.6.23rc1
  • linux linux_kernel 2.6.24
  • linux linux_kernel 2.6.24.1
  • linux linux_kernel 2.6.24.2
  • linux linux_kernel 2.6.24.3
  • linux linux_kernel 2.6.24.4
  • linux linux_kernel 2.6.24.5
  • linux linux_kernel 2.6.24.6
  • linux linux_kernel 2.6.24.7
  • linux linuxkernel 2.6.24rc1
  • linux linuxkernel 2.6.24rc4
  • linux linuxkernel 2.6.24rc5
  • linux linux_kernel 2.6.25
  • linux linux_kernel 2.6.25.1
  • linux linux_kernel 2.6.25.2
  • linux linux_kernel 2.6.25.3
  • linux linux_kernel 2.6.25.4
  • linux linux_kernel 2.6.25.5
  • linux linux_kernel 2.6.25.6
  • linux linux_kernel 2.6.25.7
  • linux linux_kernel 2.6.25.8
  • linux linux_kernel 2.6.25.9
  • linux linux_kernel 2.6.25.10
  • linux linux_kernel 2.6.25.11
  • linux linux_kernel 2.6.25.12
  • linux linux_kernel 2.6.25.13
  • linux linux_kernel 2.6.25.14
  • linux linux_kernel 2.6.25.15
  • linux linux_kernel 2.6.25.16
  • linux linux_kernel 2.6.25.17
  • linux linux_kernel 2.6.25.18
  • linux linux_kernel 2.6.25.19
  • linux linux_kernel 2.6.25.20
  • linux linux_kernel 2.6.26
  • linux linux_kernel 2.6.26.1
  • linux linux_kernel 2.6.26.2
  • linux linux_kernel 2.6.26.3
  • linux linux_kernel 2.6.26.4
  • linux linux_kernel 2.6.26.5
  • linux linux_kernel 2.6.26.6
  • linux linux_kernel 2.6.26.7
  • linux linux_kernel 2.6.26.8
  • linux linux_kernel 2.6.27
  • linux linux_kernel 2.6.27.1
  • linux linux_kernel 2.6.27.2
  • linux linux_kernel 2.6.27.3
  • linux linux_kernel 2.6.27.4
  • linux linux_kernel 2.6.27.5
  • linux linux_kernel 2.6.27.6
  • linux linux_kernel 2.6.27.7
  • linux linux_kernel 2.6.27.8
  • linux linux_kernel 2.6.27.9
  • linux linux_kernel 2.6.27.10
  • linux linux_kernel 2.6.27.11
  • linux linux_kernel 2.6.27.12
  • linux linux_kernel 2.6.27.13
  • linux linux_kernel 2.6.27.14
  • linux linux_kernel 2.6.27.15
  • linux linux_kernel 2.6.27.16
  • linux linux_kernel 2.6.27.17
  • linux linux_kernel 2.6.27.18
  • linux linux_kernel 2.6.27.19
  • linux linux_kernel 2.6.27.20
  • linux linux_kernel 2.6.28
  • linux linux_kernel 2.6.28.1
  • linux linux_kernel 2.6.28.2
  • linux linux_kernel 2.6.28.3
  • linux linux_kernel 2.6.28.4
  • linux linux_kernel 2.6.28.5
  • linux linux_kernel 2.6.28.6
  • linux linux_kernel 2.6.28.7
  • linux linux_kernel 2.6.28.8

Ease of attack

CVE-2009-1072:

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References