CVE-2009-1527 - Vulnerability Details - OpenCVE

Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:2.6.30:-::::::
	cpe:2.3:o:linux:linux_kernel:2.6.30:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.30:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.30:rc3::::::

No data.

References

Link	Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cad81bc2529ab8c62b6fdc83a1c0c7f4a87209eb
http://secunia.com/advisories/34977
http://secunia.com/advisories/35120
http://wiki.rpath.com/Advisories:rPSA-2009-0084
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4
http://www.openwall.com/lists/oss-security/2009/05/04/2
http://www.osvdb.org/54188
http://www.securityfocus.com/archive/1/503610/100/0/threaded
http://www.securityfocus.com/bid/34799
http://www.vupen.com/english/advisories/2009/1236
https://exchange.xforce.ibmcloud.com/vulnerabilities/50293

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-05-05T20:00:00

Updated: 2024-08-07T05:13:25.585Z

Reserved: 2009-05-05T00:00:00

Link: CVE-2009-1527

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2009-05-05T20:30:00.313

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-1527

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-29T00:00:00", "descriptions": [{"lang": "en", "value": "Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "linux-kernel-ptraceattach-code-execution(50293)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50293"}, {"name": "20090516 rPSA-2009-0084-1 kernel", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"name": "54188", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/54188"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4"}, {"name": "35120", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35120"}, {"name": "[oss-security] 20090504 CVE request: kernel: ptrace_attach: fix the usage of ->cred_exec_mutex", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/05/04/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cad81bc2529ab8c62b6fdc83a1c0c7f4a87209eb"}, {"name": "ADV-2009-1236", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1236"}, {"name": "34799", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34799"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"name": "34977", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34977"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1527", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "linux-kernel-ptraceattach-code-execution(50293)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50293"}, {"name": "20090516 rPSA-2009-0084-1 kernel", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"name": "54188", "refsource": "OSVDB", "url": "http://www.osvdb.org/54188"}, {"name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4"}, {"name": "35120", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35120"}, {"name": "[oss-security] 20090504 CVE request: kernel: ptrace_attach: fix the usage of ->cred_exec_mutex", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/05/04/2"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cad81bc2529ab8c62b6fdc83a1c0c7f4a87209eb", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cad81bc2529ab8c62b6fdc83a1c0c7f4a87209eb"}, {"name": "ADV-2009-1236", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1236"}, {"name": "34799", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34799"}, {"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0084", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"name": "34977", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34977"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:13:25.585Z"}, "title": "CVE Program Container", "references": [{"name": "linux-kernel-ptraceattach-code-execution(50293)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50293"}, {"name": "20090516 rPSA-2009-0084-1 kernel", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"name": "54188", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/54188"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4"}, {"name": "35120", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35120"}, {"name": "[oss-security] 20090504 CVE request: kernel: ptrace_attach: fix the usage of ->cred_exec_mutex", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2009/05/04/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cad81bc2529ab8c62b6fdc83a1c0c7f4a87209eb"}, {"name": "ADV-2009-1236", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1236"}, {"name": "34799", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34799"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"name": "34977", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34977"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1527", "datePublished": "2009-05-05T20:00:00", "dateReserved": "2009-05-05T00:00:00", "dateUpdated": "2024-08-07T05:13:25.585Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3871E973-1DCE-4C2D-8FF0-9330AF928297", "versionEndIncluding": "2.6.29", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30:-:*:*:*:*:*:*", "matchCriteriaId": "77B40D2B-9AAA-49A4-9C74-7A94A82DBCCC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*", "matchCriteriaId": "45273823-29EA-44DE-8444-3933402C5793", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*", "matchCriteriaId": "88F60E74-09DB-4D4A-B922-4A46EED0EC20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*", "matchCriteriaId": "E242D3DE-D1DC-406A-BCC3-C4380B7EC369", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object."}, {"lang": "es", "value": "Condici\u00f3n de carrera en la funci\u00f3n ptrace_attach en kernel/ptrace.c en el kernel de Linux anterior a 2.6.40-rc4 permite a usuarios locales conseguir privilegios a trav\u00e9s de la llamada PTRACE_ATTACH ptrace durante una ejecuci\u00f3n de sistema que esta lanzando una aplicacion setuid, relacionada con el incorrecto bloqueo del objeto cred_exec_mutex."}], "id": "CVE-2009-1527", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-05-05T20:30:00.313", "references": [{"source": "cve@mitre.org", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cad81bc2529ab8c62b6fdc83a1c0c7f4a87209eb"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/34977"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/35120"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2009/05/04/2"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.osvdb.org/54188"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/34799"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://www.vupen.com/english/advisories/2009/1236"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50293"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cad81bc2529ab8c62b6fdc83a1c0c7f4a87209eb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/34977"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/35120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2009/05/04/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.osvdb.org/54188"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/34799"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://www.vupen.com/english/advisories/2009/1236"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50293"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, or Red Hat Enterprise MRG.", "lastModified": "2009-05-06T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}