The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 02:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2009-07-20 17:30
Updated : 2023-12-10 10:51
NVD link : CVE-2009-1897
Mitre link : CVE-2009-1897
CVE.ORG link : CVE-2009-1897
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer